urlscan.io logo urlscan.io
SecurityTrails logo

www.desteptarea.ro Open in urlscan Pro
2606:4700:3032::6815:40a7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.desteptarea.ro/
Effective URL: https://www.desteptarea.ro/
Submission: On January 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 4 countries across 26 domains to perform 220 HTTP transactions. The main IP is 2606:4700:3032::6815:40a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.desteptarea.ro.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time www.desteptarea.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 40 2606:4700:303... 13335 (CLOUDFLAR...)
13 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 104.20.95.138 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 8 2606:4700:440... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 16 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.245.46.81 16509 (AMAZON-02)
1 80 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 142.250.185.130 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.207.250 16509 (AMAZON-02)
2 4 142.250.181.230 15169 (GOOGLE)
1 2 37.157.5.73 198622 (ADFORM)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.192.108.144 16509 (AMAZON-02)
5 35.190.43.134 15169 (GOOGLE)
2 4 37.157.6.243 198622 (ADFORM)
1 2a03:2880:f17... 32934 (FACEBOOK)
220 31
40    2606:4700:3032::6815:40a7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.desteptarea.ro
13    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
5    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
sender.cleverwebserver.com
lp.cleverwebserver.com
call.cleverwebserver.com
21    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gml-grp.com
16    2606:4700:4400::6812:24ac (United States)

ASN13335 (CLOUDFLARENET, US)
promos.betano.de
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    18.245.46.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-81.fra56.r.cloudfront.net
dd.betano.de
80    2606:4700:4400::ac40:934d (United States)

ASN13335 (CLOUDFLARENET, US)
landingpages.kaizengaming.com
visuals.kaizengaming.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
4    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
12738953.fls.doubleclick.net
2    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    18.192.108.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-144.eu-central-1.compute.amazonaws.com
api-js.datadome.co
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
4    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
80 kaizengaming.com
landingpages.kaizengaming.com — Cisco Umbrella Rank: 242409
visuals.kaizengaming.com — Cisco Umbrella Rank: 238670
1 MB
40 desteptarea.ro
www.desteptarea.ro
610 KB
21 gstatic.com
fonts.gstatic.com
496 KB
17 betano.de
promos.betano.de — Cisco Umbrella Rank: 816201
dd.betano.de — Cisco Umbrella Rank: 530547
263 KB
15 wp.com
i0.wp.com — Cisco Umbrella Rank: 3696
stats.wp.com — Cisco Umbrella Rank: 2723
pixel.wp.com — Cisco Umbrella Rank: 2679
400 KB
8 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 29111
ui.cleverwebserver.com — Cisco Umbrella Rank: 30174
sender.cleverwebserver.com — Cisco Umbrella Rank: 46087
lp.cleverwebserver.com — Cisco Umbrella Rank: 50659
call.cleverwebserver.com — Cisco Umbrella Rank: 30865
94 KB
6 adform.net
s2.adform.net — Cisco Umbrella Rank: 7060
track.adform.net — Cisco Umbrella Rank: 5048
35 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
12738953.fls.doubleclick.net — Cisco Umbrella Rank: 724601 Failed
3 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 922
tr6.snapchat.com — Cisco Umbrella Rank: 1368
1 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
377 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 98
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
14 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 12954
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6518
565 B
2 gml-grp.com
gml-grp.com — Cisco Umbrella Rank: 61278
2 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16730
c.statcounter.com — Cisco Umbrella Rank: 10394
15 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
186 B
1 datadome.co
api-js.datadome.co — Cisco Umbrella Rank: 4769
409 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1260
18 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
538 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
11 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 3198
554 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
220 26
Domain Requested by
45 landingpages.kaizengaming.com code.jquery.com
landingpages.kaizengaming.com
promos.betano.de
40 www.desteptarea.ro 2 redirects www.desteptarea.ro
35 visuals.kaizengaming.com 1 redirects code.jquery.com
visuals.kaizengaming.com
21 fonts.gstatic.com fonts.googleapis.com
16 promos.betano.de 1 redirects lp.cleverwebserver.com
promos.betano.de
code.jquery.com
13 i0.wp.com www.desteptarea.ro
5 www.googletagmanager.com www.desteptarea.ro
promos.betano.de
www.googletagmanager.com
4 track.adform.net 2 redirects promos.betano.de
4 tr.snapchat.com sc-static.net
promos.betano.de
4 12738953.fls.doubleclick.net www.googletagmanager.com
4 lp.cleverwebserver.com www.desteptarea.ro
lp.cleverwebserver.com
3 bat.bing.com www.desteptarea.ro
bat.bing.com
promos.betano.de
2 adservice.google.com 12738953.fls.doubleclick.net
2 a.mgid.com www.desteptarea.ro
promos.betano.de
2 connect.facebook.net www.desteptarea.ro
connect.facebook.net
2 s2.adform.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de www.googletagmanager.com
promos.betano.de
2 www.google.com 1 redirects promos.betano.de
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 gml-grp.com 2 redirects
1 www.facebook.com promos.betano.de
1 tr6.snapchat.com sc-static.net
1 api-js.datadome.co dd.betano.de
1 sc-static.net www.googletagmanager.com
1 www.googleadservices.com 1 redirects
1 dd.betano.de promos.betano.de
1 cdn.jsdelivr.net promos.betano.de
1 code.jquery.com promos.betano.de
1 call.cleverwebserver.com www.desteptarea.ro
1 sender.cleverwebserver.com 1 redirects
1 s.w.org www.desteptarea.ro
1 ui.cleverwebserver.com www.desteptarea.ro
1 pixel.wp.com www.desteptarea.ro
1 region1.google-analytics.com www.googletagmanager.com
1 c.statcounter.com www.statcounter.com
1 scripts.cleverwebserver.com www.desteptarea.ro
1 www.statcounter.com www.desteptarea.ro
1 stats.wp.com www.desteptarea.ro
1 fonts.googleapis.com www.desteptarea.ro
220 40
Subject Issuer Validity Valid
desteptarea.ro
GTS CA 1P5		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
promos.betano.de
Cloudflare Inc ECC CA-3		 2023-09-11 -
2024-09-10		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
dd.betano.de
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
landingpages.kaizengaming.com
E1		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-01-22		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-10 -
2024-11-09		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh

This page contains 14 frames:

Primary Page: https://www.desteptarea.ro/
Frame ID: 879690FA6B6D22C7AB4A5AE3FEFABC2A
Requests: 88 HTTP requests in this frame

Frame: https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 3D5A96CF0C606DFC4C7ADE53B7CA7094
Requests: 2 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
Frame ID: 79BE93CC3164CB91997FE7A99DFE6FC1
Requests: 4 HTTP requests in this frame

Frame: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Frame ID: C5FFF6CAB65EABCDEDB33DFF43AD72BC
Requests: 87 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Frame ID: F548D352C0F90A060D2BA5EB0E402551
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: B47FA24DF12CF933262E12E1CD3E521A
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CO6_iqaF3oMDFTZGkQUdcmEARA;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F
Frame ID: E17B7CD274A6B610E777445AA164DB27
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Frame ID: A109D42C39C5D81C972F654DD9633E46
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Frame ID: AFCC4FBD95A11BEFD0CB6D54B2AE7A1B
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Frame ID: 78225B8C7AE2CA8A63318EE6AC46DCB2
Requests: 10 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: A2537B9C0615155E581E6850FB6E821D
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=b35f2f27-6f15-46a9-a6c8-e00a7e6432f6&u_sclid=85d4c17a-ef2b-4ac2-b906-92fc7fa9be8b
Frame ID: 5AA03B48667FBE64FB96EF1D29F7D9B0
Requests: 1 HTTP requests in this frame

Frame: blob://https://visuals.kaizengaming.com/6af3d2f6-b4b5-44a4-9b35-3c342c888dc1
Frame ID: 0715018B52E650913C66C1F53F9D79D2
Requests: 1 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Frame ID: 9C1C94689F37A84341C18503D61947D2
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Desteptarea - Deșteptarea Bacău - Liderul presei băcăuane!Desteptarea - Deșteptarea Bacău - Liderul presei băcăuane!

Page URL History Show full URLs

  1. http://www.desteptarea.ro/ HTTP 301
    https://www.desteptarea.ro/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

220
Requests

95 %
HTTPS

63 %
IPv6

26
Domains

40
Subdomains

31
IPs

4
Countries

3717 kB
Transfer

7407 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.desteptarea.ro/ HTTP 301
    https://www.desteptarea.ro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 76
  • https://sender.cleverwebserver.com/group/51407?id=773743&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&ruri=&r=170559041&tok=33419711310201791433&t=1705275236&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00&ts=0.081 HTTP 301
  • https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
Request Chain 86
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE&AutoR=1 HTTP 302
  • https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Request Chain 110
  • https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 117
  • https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=ZW-kZYTpC7rL9u8Py5eI8Ao&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9Bx3LCwKu HTTP 302
  • https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9Bx3LCwKu&is_vtc=1&ocp_id=ZW-kZYTpC7rL9u8Py5eI8Ao&cid=CAQSGwAvHhf_K5okBwfLg0MewjINyFrxih3bnSrPaQ&random=1268955097 HTTP 302
  • https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9Bx3LCwKu&is_vtc=1&ocp_id=ZW-kZYTpC7rL9u8Py5eI8Ao&cid=CAQSGwAvHhf_K5okBwfLg0MewjINyFrxih3bnSrPaQ&random=1268955097&ipr=y
Request Chain 118
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CO6_iqaF3oMDFTZGkQUdcmEARA;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F
Request Chain 134
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826 HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Request Chain 135
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826 HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Request Chain 183
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 187
  • https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 301
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 188
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=710625879029&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=710625879029&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

220 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.desteptarea.ro/
Redirect Chain
  • http://www.desteptarea.ro/
  • https://www.desteptarea.ro/
643 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4bbf54832b17abc299e1a47ff0d4568745afc8f373b0bda4fa99e8c519dcd92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8459afcfd9d73c77-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 23:33:55 GMT
link
<https://www.desteptarea.ro/wp-json/>; rel="https://api.w.org/" <https://www.desteptarea.ro/wp-json/wp/v2/pages/393290>; rel="alternate"; type="application/json" <https://www.desteptarea.ro/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rMTzLXPawolS7cMiZjA5DqzHwRtqcPwYK%2FwOb6O7N4iSI0Tx2O2fMSd%2BRPAN6dIEZTpSlQqqqSL1sQuqvudmXuDkr54saoLcFlxW38Waaz1q7%2B2uaEIClcxXse%2BKkObi1Xi2sXy%2BgjoMX69eXpGpFs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
8459afcf7aa04d3a-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 14 Jan 2024 23:33:55 GMT
Expires
Mon, 15 Jan 2024 00:33:55 GMT
Location
https://www.desteptarea.ro/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx2v7DE8sudLm5CTmL66xA1NHJbpn3umKlQGqXE8p6Tpi0eCPOhSeyuRHlnivAKEyO91T%2FxtkVvUEmtG1MmDd%2FSNQSXSK1c4RfxdSfka81JqrXSC23EoGEIkerBzDVMgIBtLQhs%2FOCYgD%2BhVsTOnfmA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
4rhaG7_VJSIAwSXpZSYd8KfBxYo.js
www.desteptarea.ro/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/apps/head/4rhaG7_VJSIAwSXpZSYd8KfBxYo.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b696652d817d82744bb5a64a9e78cd1e029b3364f0881e9d9ad1ce28fc7e6003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-amz-version-id
jHOGQm8TIVSv2ijk8liUcFX3rXfSLesM
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7G2AAGX7RR371PEX
age
5603650
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5ZlwOSDqiAKqRDCMzh8JrbIKtnOWbxN5JDR/iqv76jepqCCjfMvkXTwcSYG29ZBC9oUP6+iwoU8=
last-modified
Thu, 22 Jun 2023 16:47:20 GMT
server
cloudflare
etag
W/"72ed5df38f5354e8471fbf6bb70721d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1biu6tGVkH23151dJs%2BqK4VY62jIJdZy5CHN2nmGMLNFJEQN0oa4YTMKFFGPFiTpFRo5ulPjnrdm9eTWB%2FutluxELnIk4Dq%2BBTRkkptt5dZXPPuebSyO9mXfVqDRG%2FaevvBA%2BBbvcHC%2BLGCacgrt4No%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8459afd0fab93c77-CDG
jquery.min.js
www.desteptarea.ro/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Nov 2023 20:48:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3204002
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udQv3NdWkzDneG77gKKrQZKwjCiGv2bUIYmxjGy563RWItqGoi09VgSKpWpQZ1FkloIDwsYl%2BIlQLqZt3LOlh%2BqrGU6k0M2SUmgBtD3B7FQuLbVXNBdk70IOVfCKN5J4xPCdDBZ00SptCXbVdGd%2FEBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd0fabb3c77-CDG
alt-svc
h3=":443"; ma=86400
expires
Sun, 08 Dec 2024 03:33:54 GMT
casa.jpg
www.desteptarea.ro/wp-content/uploads/2023/12/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2023/12/casa.jpg
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5203e80b3c2052f6e01718d37241ca1bcc261ac5dcdab29cfe7255c2e4a2b227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3500963
alt-svc
h3=":443"; ma=86400
content-length
74999
last-modified
Tue, 05 Dec 2023 10:54:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf5pqxmb7nbmZHG6n599tTXzsb%2BVYxkwVbsIJ0bxMBdzF40KePvVeN4R6kb%2Fd0KTBXh1Gu%2BJV9%2F6bxMKBV4svMHCmPucCSuLemWwLtf%2BP%2BNAMYmRJTrwl%2FI8EHAME72mc%2FKev04MDBECJAPrPCR9phI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd0fabc3c77-CDG
expires
Wed, 04 Dec 2024 17:04:33 GMT
cap-desteptarea-nou.gif
www.desteptarea.ro/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2023/10/cap-desteptarea-nou.gif
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bd571ea670c264efcd43b8c6377b499d34cf2fe10fe4202dfdb2a3890e7885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3025467
alt-svc
h3=":443"; ma=86400
content-length
20523
last-modified
Mon, 30 Oct 2023 13:58:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjywcudvmaTzp%2F6flkHIjhv0LSFODkLygCtKmxOJAo8Vnap1dPapi86rCKtiN3FqkY%2FujGZXWxTV%2BXnydjMBsi10Rf5IqTwpXz1Iut78LxxOH4Mdk4Bx0sztoGaubQ0fSivzKikq7L1GZqvHRgzuhDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd0fabd3c77-CDG
expires
Tue, 10 Dec 2024 05:09:29 GMT
logo.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/02/logo.jpg?w=340&ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
523762d6589fbd8cdf6ae37fedb69e5c53aa492691908a78531e6417b87d6873
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
4038
x-nc
HIT ams 1
last-modified
Sun, 02 Jul 2023 21:51:21 GMT
server
nginx
etag
"768f3944cf4733ee"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2020/02/logo.jpg>; rel="canonical"
expires
Wed, 02 Jul 2025 09:51:21 GMT
wt-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/11/wt-1.jpg?w=400&ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
83e2cad04c8ef32b86de276e74364c2476e9b1634ddb687ecdb9da3b5479db67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6954
x-nc
HIT ams 3
last-modified
Sun, 02 Jul 2023 21:51:21 GMT
server
nginx
etag
"6b4c198a38d0cb8e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2020/11/wt-1.jpg>; rel="canonical"
expires
Wed, 02 Jul 2025 09:51:21 GMT
1c73afb47337c10c4899f15a56bc8ff6-jpg.webp
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2022/11/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2022/11/1c73afb47337c10c4899f15a56bc8ff6-jpg.webp?ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8834768897bb19af020b5c6afbbf0f981c17f4c15c444925c5a70348347fcb20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
40798
x-nc
HIT ams 4
last-modified
Sun, 02 Jul 2023 21:53:01 GMT
server
nginx
etag
"77246de89b739d1b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2022/11/1c73afb47337c10c4899f15a56bc8ff6-jpg.webp>; rel="canonical"
expires
Wed, 02 Jul 2025 09:53:01 GMT
bU9EAJ3XsHjFh_SszCFXVHtihLg.js
www.desteptarea.ro/cdn-cgi/apps/body/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/apps/body/bU9EAJ3XsHjFh_SszCFXVHtihLg.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/cdn-cgi/apps/head/4rhaG7_VJSIAwSXpZSYd8KfBxYo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc4f867a343a82689f30c1224ab9afbdaebd5207e037fc77b99de31425cba91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-amz-version-id
V0ZzOf2UC_5mKiMWw.K23gJpIxOaSara
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NQJMDQNWP6QFQRC1
age
5338427
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QZqr/nRfFXVwQjnQINJEQnVi9/WWsVSWZ1mm4UBhuXpvVVhydmF2TgkyttKdZm49MBWWN3KFtlY=
last-modified
Thu, 22 Jun 2023 16:47:20 GMT
server
cloudflare
etag
W/"8516c352499a582d2b0658b93c1f4ca1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99ofXUnd2n5yZZfyqmGAbbSBTNxQgqkg6sl1uMpnLkSGVqsv4LTPiByEAh9hnu8oyJQHreDpcq6fvQl7qPB%2F4SV87WHuqv7kZMWyIJTyqTbM6DoYAIC39AklYnP%2FaGYgtFzvI28MHg18nQ%2FSkalPPK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8459afd17fcc3a64-FRA
mediaelementplayer-legacy.min.css
www.desteptarea.ro/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Dec 2020 06:13:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1926953
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY4pW2cCA9KzRghEh9tIfMovQEQYQuc1mRVGeEaK0cdm59k1xWF%2B9ywlyDEB9VAh%2FjeOACdu6d%2F5fvmom5iUVM5D2OkMegGItDEE3NdTV8P%2FDCsf3xPD50%2FpGT4VQU%2Faq81y8RYLXxGrtgmaOWN%2BYVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd23a64-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Dec 2024 22:18:03 GMT
wp-mediaelement.min.css
www.desteptarea.ro/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.2
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Nov 2019 09:43:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1187003
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pt4KFufUhtyy44gTHvH9qXLnQxJU2yiut0iLq5FihCht%2FS22yocPmhsaQYGstX5d54HBZIz%2BFMpjbE6Lt3jMgOK6vGb%2Fo5YG77tridhbctV96xaxv%2Bm6Posu4CD7npyywKgpHoXpu5zcdXjjJcloka4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd33a64-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 31 Dec 2024 11:50:33 GMT
style.css
www.desteptarea.ro/wp-content/plugins/td-composer/td-multi-purpose/ 		38 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=38728
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KST70RsiWRz4ln%2B1CgbdLHTGHPcyBz3MlAiu1xh7Tm1lOjN%2FhR0SrAZgVTJM7RNVj90CyxoOTCCTBGtm6KAvxI7kIR8YVRTrPN1UxwBblvSdyHFVq6wJfsHD%2B9wdbbfgTHIstobSgjqmXDrxx21Lmh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd43a64-FRA
expires
Sat, 21 Dec 2024 23:06:34 GMT
css
fonts.googleapis.com/ 		41 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
890de6bda19513dfccb36d66c3551c4d3ff55f47ca9f65def1f8551c7c1543e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 23:33:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 23:33:56 GMT
font-awesome.css
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91d91bb1ca4c7eb188fbf2d6529173468f3e12b75aabd4ef301710815901626

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=43832
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiZjWYKMS05mLiOFbZbn6SNsuAXc7qORnv0XoedA7o6vmKxpZ%2Fis5W5u5IGFd6WEqv1zYgiHE4c2Knu1MZmJIqi9sUSqN7SSjbnSsLo1uicb7F3pRvhmCSkVwILRKEIjixmRY12chJ1HwXd%2FrSmTMRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd53a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
typicons.css
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0f19d05c31552677c3717dd15e46d2d42903c8ffaa00adeece91c45c19665f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=26679
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDymIGhaSnAbaZF9W2cd02N2NC%2FO2Ya2Jk2Vn%2FSVJ%2F7X6EGxMKQ62i2BefPE4gqYIEFAznf4ymj1RNWE2iV6pJDkcx0jenEuhQOUG6sDEeQD3TxKe6wGzYWjj9Tjz91l8cTbxCB5IOtH3jDk9lyqSHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd63a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
td-multipurpose.css
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab43d4bb1bcdb0f183d0df005eb940e8dcfa4e6a1f3ec11d72bd51fa8eb5ac93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=12001
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKITjHFqhgSLxgwJFeKwpXY3%2BFaDckSiCE0DEjJ1oa2x0IihjowOXFmAIsYR8QynibdIAHw%2BjyudEYpJsE8w8TLi%2FMZiL8by8z5NwGwAKSnQGdhRhJBwiiIBrdvVSTLd1z5BiWFYHShT6zCUuSrJAKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd73a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
style.css
www.desteptarea.ro/wp-content/themes/Newspaper/ 		112 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/themes/Newspaper/style.css?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8e252ca4e5d2d5e9ed4b681995105f525e35bab43539d099d4eb50ba345902

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=157014
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqBehCRIU1oTy2J37mq4qGYNLb6EEpDx3WqC%2F023tOxHPQ4FCSmG66gFLeQxJ6Pf5utBA%2Ff3WqYWnkGPew3nriEeAq4wk3ZnEhrtDS0w2IJ%2BnwrtTWgrJeQ4e2HLxn9EvgptKqBsyf4PSoYXhotUeFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd83a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
td_legacy_main.css
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		136 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84c2b7321ad8eb40f83e070818c856e6ce0081e36bcb0c052cdc20ab9dfaaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=170492
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dS7vo1SGYW9NNuwpqtOlYHN%2Ba3%2BBu1%2FRWSexz7s%2BkCzGKdQG7D%2BlxlPwoDx2PFZje2cur3sBBJi99OQ5tGLVoZ17UBja%2B%2Btu3eFSqj768IgNoFeeSHinXZA4t9V5dV02PCakI5eE1B3xoieMx36ShI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fd93a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
td_standard_pack_main.css
www.desteptarea.ro/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		571 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=ced655a2648d3677707c9e7999346fb6
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171b52327c92328999d34a6409855714238bcbf554c4367b08e72fb5c80ff5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=734250
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdwL9nU0piKVMqAWurb523Uddd0FaKUsMwgwPYw3Rpo4TldVGITFHFbn8xqztN8jIoh9%2FZg5yjbLo3uzTiTZuEa6rC4G48nGOW0wqU0H7rO1Uc2AK1cc358pV9wC9GAtSv357VuiVD8tWH8WncUHuf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fda3a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
tdb_main.css
www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=6cc04771d778c6f460cf525df52258a3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afcc663536de33d814d9d34e095d967c24ce211d814f8957ff9ff313bea37693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2010441
cf-polished
origSize=48163
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eajpKIVmQGdLtjzaX5FXYUs2clodWvpt9geAEBZvkW4uP8dKq%2FxOOvSCmWIW8JNe8ugd1nx2xRmXWUO50vo%2F%2FQwzmm5tOFYBHDIPHUnQZdREi%2BrgPLeDL2UHYSOycBo%2Bl538YKi3UVO31G81q0A13AE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fdb3a64-FRA
expires
Sat, 21 Dec 2024 23:06:35 GMT
jetpack.css
www.desteptarea.ro/wp-content/plugins/jetpack/css/ 		99 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/jetpack/css/jetpack.css?ver=13.0
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345d30bfda363b5caab40c08fd96746739a9c5be673a0887cc4d16fc264132af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222978
cf-polished
origSize=101629
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 09:27:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfcrogJoUyS8rn9HbBimLZpqEoVj%2FbwDh5jNqrXy1chxzLKPsR4AJYr94UnaD2brApVGXu%2BszsMHvlaxJeCcyS258fyKp3VPrV36ie5r5JRLrKIgwlk3qqf7NSWBvvMKRZYi5c7a2RlHeu4%2FwU4lWKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fdc3a64-FRA
expires
Sat, 11 Jan 2025 15:37:38 GMT
SAL.png
www.desteptarea.ro/wp-content/uploads/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2022/08/SAL.png
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ac9b215d2e2d8b8330b9f3bf9f87aabad95656aadaec0796915794b566007d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5604275
alt-svc
h3=":443"; ma=86400
content-length
3669
last-modified
Fri, 26 Aug 2022 16:02:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hE19pj%2FoUffsBsH%2FOteDDB9eiMxH7MxQvBOi3%2BM25BRnZHBx43y1aijeyxTUxHR0UAO62R2qWhUbbyuRzSqLNePtfNfUu8kU8a3J68eueVRaj22B9sfL3xdtUh4X57BACHaJqSrdj7MDGFnDHA5MjkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd17fce3a64-FRA
expires
Sun, 10 Nov 2024 08:49:21 GMT
SOL.png
www.desteptarea.ro/wp-content/uploads/2022/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2022/08/SOL.png
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30afaa4f3695ec3d2b03c378dd7d3aa49aad4b9ca26ec08fd7f32822a32a8655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5683829
alt-svc
h3=":443"; ma=86400
content-length
2826
last-modified
Fri, 26 Aug 2022 16:02:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2U4DWPLC8jZamrom0ZB8j%2BWn3HB6K4XAYLp130F8t5dqlote0nZAk6wWzNPQQcw%2FRvF%2F7s%2BPbP80swbTSVSjPBwKzQGpg9PQ7TO9Azl%2B6xMm%2B9Q0mHA1oI9R0h%2F4NYkrypjDmMBx%2BhfzBSzkcTqCtA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd17fd03a64-FRA
expires
Sat, 09 Nov 2024 10:43:27 GMT
ban-ZIAR-COM-160x133-1.gif
www.desteptarea.ro/wp-content/uploads/2023/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2023/07/ban-ZIAR-COM-160x133-1.gif
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39fb09590a254d659b848446fe21a9155c886420fd119cd42e140ff5e8c09c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4043391
alt-svc
h3=":443"; ma=86400
content-length
9610
last-modified
Sat, 01 Jul 2023 06:11:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUy9v1R4K5ITv%2BtCJ%2BJnpmOY6%2Flv%2BftnYMV7xcTiVvtYzaUWLC7Wi9yBBbqqkwaVswFhM18hw9nGC0N%2FKjpPnfYY%2FsGVOeijoZYx7KTHMT5mdRE7YAuocTMbCk1mss6QwWkHvMN193SjiGG9YxjSnKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd17fd13a64-FRA
expires
Thu, 28 Nov 2024 10:24:05 GMT
jquery-migrate.min.js
www.desteptarea.ro/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/jquery/jquery-migrate.min.js?m=1692891375
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 15:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4047752
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpl2wIFm%2F5WVaGp41lGe7HSXKRUuxnT3w%2Fm09zFsodpLMMEo3UEWuFlIffh%2FBLUHv6hurh6qlE1HfvXjNEl%2BgboNjz%2BSgxBj77Q3BK%2FBhgX9lrD7FjBToR5Q5XoncpuSBhl%2Fycx2eXUxoZmt8bddqu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd15fac3a64-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Nov 2024 09:11:24 GMT
/
www.desteptarea.ro/_jb_static/ 		157 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/_jb_static/??-eJx1jk0OgjAQhW/jSjpggq6IN/AKZGgntaV/tgOE21sXuNLVy/te8uXBlhoZA1NgSG7RJhSwxAnlfOS4UlAxAy4cPTIbeSyN8aipkSqAMoXhW4UtZ/hhRpUjIxM4M2XMO9jXQnkXBxfSGTlzrm7K/ySsKvIpFsrgSKPc4UFbSZgqsHVHrcw68pM8CW8+Z+5+6G5t3/bd9dKf5DR0by5qXHY=
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52af4a707c20f15281abce98cd9e58502a98a466ce2896e977afe34c2b6a2f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jan 2024 09:27:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-page-optimize
cached
etag
W/"b48f4128f1566fbb97d5569ef6931178"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62DYlDurwUh1awccPXaUoaoZXAVQeNgYkII%2B47Dacf34XjsC%2BFmETxlsb%2BAnhH2YX7SvD2IdHaBJiMOAf46g7Hdfqp%2FYLkIBcIBS1I6CT9Tv8GVWSqNL6Xr%2BPGPZW5KQ7yWwD2Wl7C9PHP7Ox%2BaCng0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd15fad3a64-FRA
alt-svc
h3=":443"; ma=86400
tdPostImages.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5820bab8388c31b58a24f1930839b761838e25f2fb62bf01defe79682df91434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421002
cf-polished
origSize=2449
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15MGydOyrrfMdrlPtxxKASF90H7l%2Bq9sPcJ1XXf85aWFHl2T86o3EY%2FN6%2BrVPTNzWcZlXuMpNzgArEQEg%2BzHk0G23%2BtZX2ceB1yRkddZt0Ho1INuXdbPTUeezkQak2f7mubKPo%2BL%2F4AvjfFS7VqJac0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc03a64-FRA
expires
Thu, 09 Jan 2025 08:37:13 GMT
tdSocialSharing.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?m=1702832914
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8ab1a0ac9c26942bdc4e0ecc6813dde09c8fcf4a026e646c9e298ac14df58f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2439512
cf-polished
origSize=2632
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J39SHtxlnqFtnZVV05gjFEuDq6Mi5mMIa7ueViAhl%2FpOTyC2sJIIjtAOe%2FIiJ5lVnrEBAuap6X5MKgB1MnwMkjUgH%2FdNvDXQjNueRKUAl6cilTDMnGxrBseNhDDKhGS8lM%2FE0u9u55znUCApQ3FnslE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc23a64-FRA
expires
Mon, 16 Dec 2024 23:55:24 GMT
tdModalPostImages.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2245285a8ccda188395559d75e32d8450f722c98cf130079efe9a404a16c7107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2439512
cf-polished
origSize=8892
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXSTJ9ya1sob9dbibhroQnfe0uxPFhF9c35DcWD9ueCKF0uUVgv0h6ja6gQfhgV86UvNm2CjlSoPG4zRiIvuL20cTx0jcniV9gDVUgMngbLMpOc51wY%2F4HjZRZk10qJ8EE1BRs9tjv6hkVH3vfEZj9s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc33a64-FRA
expires
Mon, 16 Dec 2024 23:55:24 GMT
comment-reply.min.js
www.desteptarea.ro/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/comment-reply.min.js?m=1654688950
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Jun 2022 11:49:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4124781
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsBHwP2G0YrKoWvRAIfR30wvmy9%2FQHMe5XeKCpPNnYRhAH9yMeYjFQwu6NYcMH5deYGA%2FnzkW0GSz9pNl4CD9XwcCflsHLZeQB0mT%2FNDLIJ%2BcLSRrnzFsLmc8HsC%2FUcX6yPiF4BdkIhFZupgPskK7TY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc53a64-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 27 Nov 2024 11:47:35 GMT
e-202402.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202402.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356563.6672
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 05 Jan 2025 20:38:31 GMT
js_files_for_front.min.js
www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?m=1702832921
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 17:08:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2439512
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3QT8Lvn2uT3PcqRHAgUBvLZRrVxKav9C%2Fpg2EbTp2UzSZkwRrR2881%2BZsqnu7pIod9tjKInBrg9EC2%2Fp90fPdtZ3vS0xZtRx%2Fs%2BizL5Bn2d9XgEwbX5TmC1GQZ1rVgGuDbTMpzwtZGed0aEVMS4dGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc63a64-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 16 Dec 2024 23:55:24 GMT
counter.js
www.statcounter.com/counter/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Jan 2024 13:46:21 GMT
server
cloudflare
age
25357
etag
W/"65a142ad-a313"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8459afd1bb011d86-FRA
expires
Mon, 15 Jan 2024 04:31:19 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X1VRQ4MQEN
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc53300aaf62e4f20ebd24fc67bfd1f363dbffad8bef0a71d62a28fadaf6f436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86713
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 23:33:56 GMT
tdLoadingBox.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6902c494f155dafcadfb24f795da7ccf627052547d66b35053ca3582a78ffb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2439512
cf-polished
origSize=2670
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XycfQlZfZhKaY8Ij6Lqf1lVfcBZW%2Fy3gVULsENMxfcoip9N6DX0lXtbso5awlqd%2FecW16WLvebE79GUMANHnKugfSdnPGkp6CAyOPea9rbQeXO7j%2Fw0bfqOKZmAgCVVdIOghycgPic7Lye2G1HzkXuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc73a64-FRA
expires
Mon, 16 Dec 2024 23:55:24 GMT
tdbMenu.js
www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=6cc04771d778c6f460cf525df52258a3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c62d99354195470e5b00ea8c9590bfc5810e78bf2e16fd72ae60785c19e0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2439512
cf-polished
origSize=10781
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeaM3PQII9iM6ta5ISW38oBKZiAFbg95kNg4x6IOG1gyzHg%2B2h0QU5uB8KO4Umep9BoAXw6oe8CSjlr2uUpPk07NCZCbJcw9JzTi13mu3Yz23Q3kVp4VI%2BOY8lQQDovWq9jA41ytdq6BSw2BWwfw0%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc83a64-FRA
expires
Mon, 16 Dec 2024 23:55:24 GMT
tdAjaxSearch.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b4bce0dc726ddd349280159514b9ac13d37c849a04fba5b2e6c7fadef98aa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2441846
cf-polished
origSize=6145
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4j5QtIIzChwwKYNM%2BW2UHDEwTJTTLmXu1jtv72aHzpy1QSNytbvk8EZF7n50Ac2Itsg6DrVtZxbd8Fa9RGWX%2BXP1Up6uSwReTnMCsqcxdldjg2fLgutqSH72W5ep9c807f7bH74pie2AX9MY6Q1qqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fc93a64-FRA
expires
Mon, 16 Dec 2024 23:16:30 GMT
tdInfiniteLoader.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b11c68015534cd3b9cdab77a80b64731487de92658f9786cd907794ba48c09a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2439512
cf-polished
origSize=1874
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZGH8wcQtwKW8hJ2RziP6TVtHnxrtoCJtoBNI7gKRvUxwhhk1rX0gHCoCMNNC5EhWBtkJlCsWs%2FhC8aZXLzC%2FuQAT2bALpQFjvSNam6OXK%2FL13UN8RPYR2dDA5WxSV9rFGhCBtH3xI8fDD6Rg19XP0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fca3a64-FRA
expires
Mon, 16 Dec 2024 23:55:24 GMT
tdSmartSidebar.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38793abd47e804032b94c26bb34ed5ee269d88a71dafe447498536523146c8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2439512
cf-polished
origSize=9716
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9O5wCk2sBhDCKDD7lasNixcEIWKW6m2xuJ3luyMWE6M%2BfyPO93fFF1GZaC6ZPObVWBvvrntttGH9tbQMdXqp5cOB8u2tAmICpAGPRwn1x68VAdOT3%2BmhTEsHkZZs42GXZ9a1JPVayuEo0TXwOzfowk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd17fcb3a64-FRA
expires
Mon, 16 Dec 2024 23:55:24 GMT
truncated
/ 		145 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67748f8cd5f52677bbeb04e15eadf694f50793e7b7f015607c5d1a78b2ccd2aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6669d5e7c502e78f47641fdc65a7490656d7b0e567cf155e7f51df8d750c378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
rss.png
i0.wp.com/www.desteptarea.ro/wp-includes/images/ 		520 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-includes/images/rss.png?resize=14%2C14&ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
d01bd8a88346497a1af35f635c4ce5a9b976b72d6400336bb7cb4bd283640a0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
520
x-nc
HIT ams 2
last-modified
Wed, 20 Dec 2023 13:31:27 GMT
server
nginx
etag
"c36669b537ee79e1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-includes/images/rss.png>; rel="canonical"
expires
Sat, 20 Dec 2025 01:31:27 GMT
f88fc49f-5e3a-48df-b792-ba0492e14637
https://www.desteptarea.ro/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.desteptarea.ro/f88fc49f-5e3a-48df-b792-ba0492e14637
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
fab9ab356b6af7e8d3ec672601ce11f2.js
scripts.cleverwebserver.com/ 		130 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/fab9ab356b6af7e8d3ec672601ce11f2.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1df83f5da497d02441ee7898515886d42aa8f18e0f9cf38e110d6b470f15763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-amz-version-id
aeNc2S1CKGcNQ.wF2Be0vBhBJwIq7mPL
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Dec 2023 17:12:54 GMT
server
cloudflare
x-amz-request-id
PMV3RV0J8HCQHCTD
etag
W/"cf4a5c550451cd97ecc2cc53f77072e1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
8459afd2bf97693a-FRA
x-amz-id-2
AxJ6aKbD0nH1owuwWXg5pH6kqdD9KfUg2FmNBtGXI/H12K0B5i8cMVN/jszJqLDzcAI/MVpmMWM=
expires
Mon, 15 Jan 2024 00:03:56 GMT
newspaper.woff
www.desteptarea.ro/wp-content/themes/Newspaper/images/icons/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/wp-content/themes/Newspaper/style.css?ver=12.6.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ff5956551fc72f1de653dbcc731847e839614696a06b6fb65bc900993b6c9c

Request headers

Referer
https://www.desteptarea.ro/wp-content/themes/Newspaper/style.css?ver=12.6.3
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5768133
alt-svc
h3=":443"; ma=86400
content-length
33384
last-modified
Sun, 08 Oct 2023 12:06:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MVU%2Btm7Rd%2BbUEwZzu43S3QBH829nhBKXqho0mtxjWDYO5qvgnvaxh5u6VOjztJSygSoui%2Ftb9CFCo7%2Bdo%2Flj11O0BCAtcQh8Y36VSrbp%2BgGsl%2Fx6sTWOtnow0h2iSDD8kYYys9iy7oCdNyDNinuj1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd298533a64-FRA
expires
Fri, 08 Nov 2024 11:18:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
321973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:07:43 GMT
fontawesome-webfont.woff2
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4121088
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Sun, 12 Nov 2023 10:50:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka%2BzpVKdIBzxWR%2Bq7ZzFZ%2FVMdAsQaiXtD2KQL1zzQt73AjuutwTpyIKQSxkPlgZD8D2PkOweCe0HSJK19PnA8cOXU9y8ziOTva4kf04fOlsrKXKK71sbqKuf2%2BZ7bfhCVGmg97dHEdDmwbuLG6zh4Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd298553a64-FRA
expires
Wed, 27 Nov 2024 12:49:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
483822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
typicons.woff
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.woff
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2430aad2b6a33948dc064cfaee8ad65ff9e3ca439834f3aaa84abec3d10dea8

Request headers

Referer
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
750517
alt-svc
h3=":443"; ma=86400
content-length
59872
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lKPp4L5PK%2BAEAv%2Fg2gVgqzzEb1Do%2BXFFWhPYkeD4%2FoU9aNlB232J42psFG0ku5xOTmXX4b1EUgY8%2BN95Ub8sFO7da3qFAIrdhMQa%2BRNUSn%2FzzYnOx9mHorNyqy1WLdsZxV8KI48Gdxv8TcqWopDwKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8459afd298583a64-FRA
expires
Sun, 05 Jan 2025 13:05:19 GMT
ieVl2ZhbGCW-JoW6S34pSDpqYKU019K7DQ.woff2
fonts.gstatic.com/s/ptserifcaption/v17/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserifcaption/v17/ieVl2ZhbGCW-JoW6S34pSDpqYKU019K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
649548b779f30cb63e141770df9c1fd2aec5de08cdea49c4c9f8d8a5180a4ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:48:02 GMT
x-content-type-options
nosniff
age
492354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39676
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 06:48:02 GMT
QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4a0Ew.woff2
fonts.gstatic.com/s/outfit/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/outfit/v11/QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4a0Ew.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5897a8849de15a2ad907e8774d83685f49fd94cb15d986aa6333b9bb74dd106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 03:08:27 GMT
x-content-type-options
nosniff
age
505529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14084
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:40:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 03:08:27 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 04:46:03 GMT
x-content-type-options
nosniff
age
499673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 04:46:03 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:21:52 GMT
x-content-type-options
nosniff
age
213124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29588
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 12:21:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
540353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 17:28:03 GMT
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:01:41 GMT
x-content-type-options
nosniff
age
207135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 14:01:41 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 11:46:45 GMT
x-content-type-options
nosniff
age
215231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 11:46:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:10:29 GMT
x-content-type-options
nosniff
age
224607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 09:10:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
x-content-type-options
nosniff
age
162556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 02:24:40 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:16:49 GMT
x-content-type-options
nosniff
age
526627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 21:16:49 GMT
ieVl2ZhbGCW-JoW6S34pSDpqYKU019y7DRs5.woff2
fonts.gstatic.com/s/ptserifcaption/v17/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserifcaption/v17/ieVl2ZhbGCW-JoW6S34pSDpqYKU019y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86dd9db9351238b225bf1ed74e5c25c6bc013460366dd41775ac2dbf62cd2300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:05:28 GMT
x-content-type-options
nosniff
age
124108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 13:05:28 GMT
QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4i0ExAo.woff2
fonts.gstatic.com/s/outfit/v11/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/outfit/v11/QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4i0ExAo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04647840b1b815ef28f377da140c4bc45821a5772d1d4e32a2baf3b754c6574b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:08:16 GMT
x-content-type-options
nosniff
age
170740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6188
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 00:08:16 GMT
iJWKBXyIfDnIV7nPrXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nPrXyi0A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4bbc2bf47fda8157880cd1b33f76c49d8af6825c3dbc15df63e625d8b35df65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:45:32 GMT
x-content-type-options
nosniff
age
510504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18928
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 01:45:32 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:14:38 GMT
x-content-type-options
nosniff
age
515958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:14:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:10:28 GMT
x-content-type-options
nosniff
age
321808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:10:28 GMT
EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9d1c1b33a4f2c317f1519d34ff980b8fcc49330f368ca44e7e5f7974db772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:06:50 GMT
x-content-type-options
nosniff
age
203226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19332
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:06:50 GMT
nKKZ-Go6G5tXcrabGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcrabGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27dc380caf238d7c417fac471ec5902c8cf73e9dccfddcd489e8cd5df0d8a948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:31:20 GMT
x-content-type-options
nosniff
age
205356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19756
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 14:31:20 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:54:46 GMT
x-content-type-options
nosniff
age
484750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:54:46 GMT
QGYsz_wNahGAdqQ43Rh_cqDpp_k.woff2
fonts.gstatic.com/s/worksans/v19/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_cqDpp_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01be3b09ff08b902fbf43a706aca14b09af89436ce97bd20e82d2ba7d1a6a64b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 18:18:15 GMT
x-content-type-options
nosniff
age
191741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 18:18:15 GMT
truncated
/ 		430 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
t.php
c.statcounter.com/ 		192 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12932177&u1=EAC72920391C4F6B3DD9EDAFA4753B03&java=1&security=25de08b3&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.desteptarea.ro/&t=Desteptarea%20-%20De%C8%99teptarea%20Bac%C4%83u%20-%20Liderul%20presei%20b%C4%83c%C4%83uane!&invisible=1&sc_rum_e_s=655&sc_rum_e_e=664&sc_rum_f_s=0&sc_rum_f_e=412&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.desteptarea.ro
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8459afd38c111d86-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1VRQ4MQEN&gtm=45je41a0v893660232&_p=1705275236358&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=652875248.1705275236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705275236&sct=1&seg=0&dl=https%3A%2F%2Fwww.desteptarea.ro%2F&dt=Desteptarea%20-%20De%C8%99teptarea%20Bac%C4%83u%20-%20Liderul%20presei%20b%C4%83c%C4%83uane!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X1VRQ4MQEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.desteptarea.ro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=82660348&post=393290&tz=2&srv=www.desteptarea.ro&j=1%3A13.0&host=www.desteptarea.ro&ref=&fcp=493&rand=0.12213239016857513
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 Jan 2024 23:33:56 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
www.desteptarea.ro/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 07:21:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3383171
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDmIxqEiZSuiDMWdCWneSdTrJETKxbMDlUIWuyRiXJhTOBpx2Bx66gg6FOqtd5ZDqxRyIz%2BO%2FPNbdfHxnBM%2Bt119CVqR16gmjQ4bRug58CUpf0%2Bpobi8adGwGcvyimVNjEfJd3WK3aJ0Oeuyx5gCPVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
8459afd398f23a64-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 06 Dec 2024 01:47:45 GMT
main.js
www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 3D5A
Redirect Chain
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3008f2261127f32e84eefc5c190582bc2c769977b045a8df76fd6d86bb4d2c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P9hJHv%2BI10hqyknoyc8fLjTlsWAez4Fzx%2Bf3GQXXg5XYlpvn4FLX%2B38x2md6762CbtASRGBsk3ycVQIKOiWxkch1eDKK%2BMGLOnV%2B7DmYqXhUwITyIyfeMg43AAh7ev5ZiAISL5eYwkCDBaAJVEjvyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8459afd3d9063a64-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 14 Jan 2024 23:33:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75Fc%2BLc2Ja0ShIO4AnDTvdnzqC7mWrymFOQrKUnZCdsCh7Lrkt4FhZ9zIX1NRvE%2FCx%2B6pvRH1wTt7JiK5TO%2FUZIEzCcoI11x2BMkeUT8KsqIUPd2zp%2FxNCmbOa26G8szFMbQIO1g2bDkOrK437iO8Xo%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8459afd3a8f93a64-FRA
alt-svc
h3=":443"; ma=86400
/
ui.cleverwebserver.com/ 		159 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b3dd59d96ccb0a59f1ea38a47aae3d5d3314490772a4471b9ec889c04b88c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
8459afd3e822693a-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
27a1.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		242 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/27a1.svg
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
8ab75b37e150efe65cdfd300029b88de8355d72c7bbb5d2055f902aeaec3c14d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
242
expires
Thu, 31 Dec 2037 23:55:55 GMT
8459afcfd9d73c77
www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3D5A 		0
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/jsd/r/8459afcfd9d73c77
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:40a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa83N0J5uUt1gmPnAWqXOAy2O8yVxphzkvvYJY87zEkTm2yc30Qaerq1ZtZFJPQUSHodZAizJOXCLyHogn%2FROGKX3o4urPaBCXiohsL4TrykzxEvBuxp427u4t6WdmJHtVvO%2FdacXc4BENO846AdN8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8459afd449433a64-FRA
alt-svc
h3=":443"; ma=86400
widescreen.html
lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame 79BE
Redirect Chain
  • https://sender.cleverwebserver.com/group/51407?id=773743&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&ruri=&r=170559041&tok=33419711310201791433&t=1705275236&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=...
  • https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2Jm...
2 KB
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59c9c9f7ecb8ef4248f37c732ab7db0df848a11185fb1116d6763e24fb5b842

Request headers

Referer
https://www.desteptarea.ro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=28800
cf-cache-status
MISS
cf-ray
8459afd4c87d693a-FRA
content-encoding
br
content-type
text/html
date
Sun, 14 Jan 2024 23:33:56 GMT
expires
Mon, 15 Jan 2024 07:33:56 GMT
last-modified
Fri, 12 Jan 2024 18:25:13 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
ehqon6uYbB/E8U7/4OPzpnu167Q/G21AI2CgcFIkiJ+q+0KBY+niZfYhKEd6Y/PU/V/A2fUx1xU=
x-amz-request-id
WFMV4XPXAWSTW3AZ

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8459afd46855693a-FRA
content-type
text/html
date
Sun, 14 Jan 2024 23:33:56 GMT
location
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
server
cloudflare
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		655 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=51407&c=DE&r=HE&l=75&b=Chrome&os=Win10&mob=0&v=1.60.6&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8459afd4785d693a-FRA
content-length
43
content-type
image/gif
bg-1490x300.webp
lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame 79BE 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 15:38:45 GMT
server
cloudflare
x-amz-request-id
QAXKVMGR5GRRT0P0
age
26815
etag
"36d580ed1582db1c3722787924fc00d3"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=28800
accept-ranges
bytes
cf-ray
8459afd568bf693a-FRA
content-length
41072
x-amz-id-2
w1FRk1rHjBGY9n6m38Vst4bx17roaSlnrfwrdttERAbQfWUqj7/OXnYYNFeIR+Z5cCTJUuLan38=
expires
Mon, 15 Jan 2024 07:33:56 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 79BE 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Dec 2023 10:36:07 GMT
server
cloudflare
etag
W/"658bfe17-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8459afd568c0693a-FRA
expires
Tue, 16 Jan 2024 23:33:56 GMT
clever-core-other.js
lp.cleverwebserver.com/ Frame 79BE 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/clever-core-other.js?v=33
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=170559041
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V15HT561HNDFDFA8
age
26815
cf-polished
origSize=1799
x-amz-id-2
OLNL5+Akz0BG4JuLM1/7PtMtQTxuTjBl5zhtqqBrXMU68IPqiohoffX46KedIUESJF5/28Q7f7Q=
cf-bgj
minify
last-modified
Mon, 18 Dec 2023 15:38:56 GMT
server
cloudflare
etag
W/"e5be82211892c5a612ab8274562f1ef2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=28800
cf-ray
8459afd578c6693a-FRA
expires
Mon, 15 Jan 2024 07:33:56 GMT
a7.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/a7.jpg?resize=696%2C392&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2236c8ecbf0e9e4e7d280de8b8e69e2f768e43ca26e529c813ae38287d5d7b8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
37806
x-nc
HIT ams 2
last-modified
Sun, 14 Jan 2024 17:35:41 GMT
server
nginx
etag
"70fa1307bc16b0bd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/a7.jpg>; rel="canonical"
expires
Wed, 14 Jan 2026 05:35:41 GMT
polonia.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/polonia.jpg?resize=696%2C368&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1fdd7a144b36adb6e59813e4e94ece504a3d5fef595cb2a9fb20320d06d2a098
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
21514
x-nc
HIT ams 1
last-modified
Sat, 13 Jan 2024 16:18:02 GMT
server
nginx
etag
"b257c825b74b42b4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/polonia.jpg>; rel="canonical"
expires
Tue, 13 Jan 2026 04:18:02 GMT
index.html
promos.betano.de/willkommenspaket/ Frame C5FF
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE&AutoR=1
  • https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09eac31468c9ccc4e1a3b9411f14296b3d0dc4062f4378e4c38070e15c268075
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
28661
cache-control
public, max-age=900, immutable
cf-cache-status
DYNAMIC
cf-ray
8459afd76d11360a-FRA
content-encoding
gzip
content-md5
uFN4f36vMGzzhOrcv8TbsA==
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 23:33:57 GMT
last-modified
Wed, 22 Nov 2023 09:55:40 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
f6757ab7-c01e-0021-5d1b-413679000000
x-ms-version
2014-02-14

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8459afd6da17229d-CDG
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 23:33:56 GMT
location
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA7c3Aq%2FAh0%2FIlaiG55w0C7uTj3r8TR7IPRen%2FIpFn3L36NFQO3ezwuPISuRi%2FGe%2Ft%2BP60%2BchkySUb%2BD3YJBGQQbYmhpFZc5O2yazbvQ6VkHd76%2BadnwrXdASc8MHDd7rZtQSvJMlOw%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
jedk.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/jedk.jpg?resize=696%2C390&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
5f78c29436555778230f47920e027b3a98f278553684bc202ac9391aa89e2e1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
24994
x-nc
HIT ams 6
last-modified
Sat, 13 Jan 2024 10:57:17 GMT
server
nginx
etag
"7997ddb068a65a4c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/jedk.jpg>; rel="canonical"
expires
Mon, 12 Jan 2026 22:57:17 GMT
Femke-Halsema.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/Femke-Halsema.jpg?resize=696%2C464&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
077d9072438a487dbe881fb0fde1aff2988eb4dd4c871b23798f6e00c10aa40f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
28050
x-nc
HIT ams 5
last-modified
Wed, 10 Jan 2024 11:18:17 GMT
server
nginx
etag
"b2b6b60f6a6be65e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/Femke-Halsema.jpg>; rel="canonical"
expires
Fri, 09 Jan 2026 23:18:17 GMT
salvamont-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/salvamont-1.jpg?resize=696%2C522&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3743f50c5cc9555c86c456716c1ada09dacbe2dbc8fc2c3b4c72f0bd84c2f7fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
67708
x-nc
HIT ams 2
last-modified
Sun, 14 Jan 2024 11:49:44 GMT
server
nginx
etag
"fa8de132a1bfea59"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/salvamont-1.jpg>; rel="canonical"
expires
Tue, 13 Jan 2026 23:49:44 GMT
bibire.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg?resize=150%2C132&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
fb58b28c310526256da6d2e7a1c921ca7307c442db07e3e1dabb9a0096819378
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
2184
x-nc
HIT ams 3
last-modified
Wed, 01 Nov 2023 18:23:46 GMT
server
nginx
etag
"64c8a5f9b2cc5371"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg>; rel="canonical"
expires
Sat, 01 Nov 2025 06:23:46 GMT
pag1-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg?resize=662%2C928&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f14482819130cf9f52bd7f0b79b9d80112c36ee6cf840dc9440586e68ed5ae84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:56 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
82212
x-nc
HIT ams 5
last-modified
Thu, 11 Jan 2024 05:02:54 GMT
server
nginx
etag
"5494ed642ba36e15"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg>; rel="canonical"
expires
Sat, 10 Jan 2026 17:02:54 GMT
bibire.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg?resize=150%2C132&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
fb58b28c310526256da6d2e7a1c921ca7307c442db07e3e1dabb9a0096819378
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
2184
x-nc
HIT ams 3
last-modified
Wed, 01 Nov 2023 18:23:46 GMT
server
nginx
etag
"64c8a5f9b2cc5371"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg>; rel="canonical"
expires
Sat, 01 Nov 2025 06:23:46 GMT
pag1-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg?resize=662%2C928&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f14482819130cf9f52bd7f0b79b9d80112c36ee6cf840dc9440586e68ed5ae84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
82212
x-nc
HIT ams 5
last-modified
Thu, 11 Jan 2024 05:02:54 GMT
server
nginx
etag
"5494ed642ba36e15"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg>; rel="canonical"
expires
Sat, 10 Jan 2026 17:02:54 GMT
r4JQVZETZTeQtnzawJh5s2Wbw6I.js
promos.betano.de/cdn-cgi/apps/head/ Frame C5FF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-version-id
3sraLaHyO3PY1q7UPyU188EJJRO793MA
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JTJVPRC3CKA836JB
age
377
content-length
1344
x-amz-id-2
Swi9CwScf+p98JaprpoBwSEa8wb6JhiC2qKiImH5mJwQM3urYFtSnjh3n3lP2XIDLli3HW4qAbI=
last-modified
Thu, 21 Dec 2023 12:52:13 GMT
server
cloudflare
etag
"30cf280ac36d10da9b831b91729cc23c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8459afd7bd68360a-FRA
expires
Mon, 13 Jan 2025 23:33:57 GMT
jquery-3.4.1.min.js
code.jquery.com/ Frame C5FF 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
592320
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-fra-eddf8230038-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705275237.108783,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 306095
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame C5FF 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3954374
x-jsd-version
1.8.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230138-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QWkMpuGT11AkizyZDPyNjPaheBg3z%2Fab%2FLufNb%2BH05DVYG8M5yEem0I7g7GNM5DgJYV0HFH7Z%2Bb%2FJfCcK8DiYWW6Fza0E1pQZygEf1qpa9VlG4hO8FwY6fC58%2BvMLzvgIeI1c1RIAEQ8TYn0hw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8459afd7dc2b4d68-FRA
Init.js
promos.betano.de/willkommenspaket/ Frame C5FF 		2 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/Init.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
191
content-md5
MU2fLrkr53Ix09vSPFEwZA==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
W/"0x8DBEB412FE1A984"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
81dfbef2-901e-003c-6785-223bc5000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
cf-ray
8459afd7bd69360a-FRA
expires
Sun, 14 Jan 2024 23:48:57 GMT
Landing.js
promos.betano.de/willkommenspaket/ Frame C5FF 		614 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/Landing.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
191
content-md5
IVOxqm2c5AfGSPYura3A9A==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
W/"0x8DBEB412FED1990"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
be6b9e35-b01e-003b-242b-1d57a6000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
cf-ray
8459afd7bd6a360a-FRA
expires
Sun, 14 Jan 2024 23:48:57 GMT
custom.js
promos.betano.de/ Frame C5FF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/custom.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
582
content-md5
IACfhqsuxFK5etAGqh7MRA==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 20 Oct 2023 08:33:32 GMT
server
cloudflare
etag
W/"0x8DBD1473EA630C7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
14981d54-301e-0057-7798-16bc31000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd7cd6b360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
tagline.png
promos.betano.de/willkommenspaket/ Frame C5FF 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/tagline.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2k9YU1t/lIEgNgYbwdE88A==
age
582
content-length
224661
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
"0x8DBEB412FFF665B"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8144aee2-b01e-0014-1069-225a6d000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd7cd6c360a-FRA
expires
Sun, 14 Jan 2024 23:48:57 GMT
Rectangle.svg
promos.betano.de/willkommenspaket/ Frame C5FF 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/Rectangle.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac6000bbe837f2a43dee3fb96ffca93a295df50a05c78c0399966f80955addf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
dd1a1fa7-201e-0006-2041-4721bd000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd7cd6d360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
bullet.svg
promos.betano.de/willkommenspaket/ Frame C5FF 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/bullet.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b7bd9477070838750f61746626ffc53ddae65b39680ac485d22d13794ae96a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
3a49f4ff-b01e-0014-7541-475a6d000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd80d94360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
banner1.png
promos.betano.de/willkommenspaket/ Frame C5FF 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/banner1.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d3bc711c5bb20c16325d434c766ea9daa5e448f5cfef3259c7675abfebbcb9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
2b068d9d-301e-0057-1641-47bc31000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd81d9b360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
banner2.png
promos.betano.de/willkommenspaket/ Frame C5FF 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/banner2.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c0b1c989b2bfea121efdc5d4bb7a17b57b47038baf1809405461f353cdf453f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
2346c442-701e-000b-7141-47e969000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd81d9c360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
banner3.png
promos.betano.de/willkommenspaket/ Frame C5FF 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/banner3.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890c3d78866ed60088a8a27ebf164417a6f45090bce7a152beb602000c13e029
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
85a1e0a1-501e-0041-3c41-474ae6000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd81d9d360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
gtm.js
www.googletagmanager.com/ Frame C5FF 		395 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db69172c2acd025aa390bdbb5bdf638926400d7eb3a1662ffb21572fd2a73ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117496
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 23:33:57 GMT
tags.js
dd.betano.de/ Frame C5FF 		147 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.betano.de/tags.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-81.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
bb429185dfa559bff451e975045b1b55d4aae3e051da009a47c3510bff45a68d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
date
Sun, 14 Jan 2024 23:28:19 GMT
x-amz-cf-pop
FRA56-P9
age
338
x-cache
Hit from cloudfront
content-length
27705
last-modified
Tue, 09 Jan 2024 14:20:03 GMT
server
Apache
etag
"24ce6-60e8402ab1362-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
_0KJmRMlP_pYHbaOCskUDWxphqnnckQ5YnWfU5Ukp3R_QC8bWlbXQg==
expires
Mon, 15 Jan 2024 00:28:19 GMT
Rectangle.svg
promos.betano.de/willkommenspaket/ Frame C5FF 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/Rectangle.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac6000bbe837f2a43dee3fb96ffca93a295df50a05c78c0399966f80955addf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
dd1a1fa7-201e-0006-2041-4721bd000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8459afd81d9e360a-FRA
expires
Sun, 14 Jan 2024 23:38:57 GMT
ns.html
www.googletagmanager.com/ Frame F548 		691 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad1f2971f38af30b421c36492c40962e08af17299748c673d62489a97cd429a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
322
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:33:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
main.js
promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame B47F
Redirect Chain
  • https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3008f2261127f32e84eefc5c190582bc2c769977b045a8df76fd6d86bb4d2c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8459afd83dad360a-FRA

Redirect headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control
max-age=300, public
cf-ray
8459afd82da0360a-FRA
css-betano.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		266 B
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-betano.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
VV0mNMQdoST1edPAjk1m6w==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:08 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1339F5D"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3d8d79f1-001e-003e-1544-0d857d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd85dc51d8c-FRA
css-theme.css
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		799 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/de-sport/css-theme.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
kJMidRkqsO72r6TQLkoSKQ==
age
1232
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
W/"0x8DC137B8FAAFCB7"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
129c7d80-d01e-005f-5a65-45a63e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd85dc41d8c-FRA
css-betano_worldcup.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
k3d6Yiaa8bmwIFFDC1yKKQ==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1452901"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e8ddd9be-401e-002f-2294-221fc9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd85dc61d8c-FRA
css-iframe.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-iframe.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
39E7RXrp/bQVuYTQHPOHVg==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:12 GMT
server
cloudflare
etag
W/"0x8DBA4A5D385763B"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
817b6350-d01e-003d-6803-336419000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd85dc21d8c-FRA
Theme.css
promos.betano.de/willkommenspaket/ Frame C5FF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/Theme.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
190
content-md5
iEQB/4Da+za49y9++eEi0A==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
W/"0x8DBEB412FC9DF39"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
90068dae-f01e-0048-5f2b-1d0f35000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
cf-ray
8459afd82da3360a-FRA
expires
Sun, 14 Jan 2024 23:48:57 GMT
common.js
landingpages.kaizengaming.com/layout/ Frame C5FF 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/common.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Tt1r+v6iV6U4snwCJhK1bQ==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:08 GMT
server
cloudflare
etag
W/"0x8DBA4A5D12AEE0B"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ccd61407-b01e-0066-2efa-235d22000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd85dc71d8c-FRA
/
www.google.de/pagead/1p-conversion/763238947/ Frame F548
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=ZW-kZYTpC7rL9u8Py5eI8Ao&rando...
  • https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9...
  • https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9B...
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9Bx3LCwKu&is_vtc=1&ocp_id=ZW-kZYTpC7rL9u8Py5eI8Ao&cid=CAQSGwAvHhf_K5okBwfLg0MewjINyFrxih3bnSrPaQ&random=1268955097&ipr=y
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Protocol
H2
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.googletagmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=1220711081&sscte=1&crd=&pscrd=IhMIxK-HpoXegwMVuqX9Bx3LCwKu&is_vtc=1&ocp_id=ZW-kZYTpC7rL9u8Py5eI8Ao&cid=CAQSGwAvHhf_K5okBwfLg0MewjINyFrxih3bnSrPaQ&random=1268955097&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CO6_iqaF3oMDFTZGkQUdcmEARA;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F
12738953.fls.doubleclick.net/ Frame E17B
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F?
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CO6_iqaF3oMDFTZGkQUdcmEARA;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F?
0
0
8459afd76d11360a
promos.betano.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B47F 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/cdn-cgi/challenge-platform/h/b/jsd/r/8459afd76d11360a
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
8459afd8bdfb360a-FRA
content-type
text/plain; charset=UTF-8
slick.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		2 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/slick.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
WZ31BB/YyxPVIgu7I3iKsw==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:12 GMT
server
cloudflare
etag
W/"0x8DBA4A5D32ED756"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
56df6ee4-f01e-0067-4869-2202fe000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8be031d8c-FRA
slick-theme.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		3 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/slick-theme.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
UpLamLxcSvAJaktpLARRvQ==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:12 GMT
server
cloudflare
etag
W/"0x8DBA4A5D316E60C"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
67708c76-201e-0039-0f54-14e91e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce061d8c-FRA
css-fonts.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		4 KB
525 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-fonts.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pvSNyxtpXpV4jwDcVBs+8g==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1600014"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9036b126-001e-004c-3aa8-138232000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce081d8c-FRA
css-common.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		944 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-common.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
5eGR2sXfZgOapde0CV8YSg==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D14E9D7C"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d9cc6e8a-401e-003f-51bd-21daa1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce091d8c-FRA
css-landing.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-landing.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
JDqCfcVQtN58am64kAmqvg==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D168B161"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6febd86a-e01e-0026-6a9f-335a1a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce0a1d8c-FRA
css-desktop.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-desktop.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
AOVpmo2f/4Wn1SoTquvjVA==
age
1713
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1574ECA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3d6da1a0-601e-0028-503a-2373aa000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce0c1d8c-FRA
css-tablet.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-tablet.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mr2IdhRK+4IeBy7KcyoBtQ==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D18E0E3F"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3d457550-601e-0028-1f30-2373aa000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce0d1d8c-FRA
css-mobile.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-mobile.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
y0J3Tr1dgXYbzTPMrvAM5Q==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D171FED7"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2a749784-301e-0068-33ad-217492000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce0e1d8c-FRA
css-betano_theme.css
landingpages.kaizengaming.com/layout/ Frame C5FF 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-betano_theme.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
D6htD+uya4gpW6XLW/HaDw==
age
1479
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D13C50A6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9a790d87-f01e-0005-2c07-24c0d9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd8ce0f1d8c-FRA
js
www.googletagmanager.com/gtag/ Frame C5FF 		274 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
534887e4810666f8febc04934d67e2dad8e68842107a9cb2da6f527fa6a0428a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92616
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 23:33:57 GMT
js
www.googletagmanager.com/gtag/ Frame C5FF 		265 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
480b320b7d1171f2bba5130550c9a7de6df42e94c03805e33de99255f43a0d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 23:33:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame C5FF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1705275237268&cv=11&fst=1705275237268&bg=ffffff&guid=ON&async=1&gtm=45He41a0v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Fwww.desteptarea.ro&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18768a835b126e690179add562634933484fcf917aff265856fc3febeee7c3db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame C5FF 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 21:48:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6344
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 14 Jan 2024 23:48:13 GMT
scevent.min.js
sc-static.net/ Frame C5FF 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
17883
x-amz-cf-id
BOGl-f_zRFd3QUOpXaRGYkLoto5DyzATauc6t1ipfffZSOWY2yMX0Q==
activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
12738953.fls.doubleclick.net/ Frame A109
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...
603 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
6fad8a48a73e5e07dc0d45d6ec77bc203c9f03c145973f48bfd9b2388d8b5ada
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
367
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:33:57 GMT
expires
Sun, 14 Jan 2024 23:33:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:33:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12738953.fls.doubleclick.net/activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
12738953.fls.doubleclick.net/ Frame AFCC
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...
603 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
b6fadb7b5cb6b998d671ea9a5da3e2dd44f84dd38220f21a320f08eda3040546
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:33:57 GMT
expires
Sun, 14 Jan 2024 23:33:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:33:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12738953.fls.doubleclick.net/activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame C5FF 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx00000ea239e22e83b616b-00646c8ee1-3295d06f-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
fbevents.js
connect.facebook.net/en_US/ Frame C5FF 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 23:33:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
F99tejP6pUvBXjd6EzWWZJ3eMIzh8JyXvQnZtLSVZL2tAAo9EVUS2/drWtG2PR1lMCzvcIKGVhZUHTIdTZjdmA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ Frame C5FF 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 14 Jan 2024 23:33:56 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3AF9D21C0F484BCE896769E8992EEA43 Ref B: FRAEDGE1206 Ref C: 2024-01-14T23:33:57Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
mgsensor.js
a.mgid.com/ Frame C5FF 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1705275237285
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
3d5b4b66-4d8a-4a67-af77-6c11bd8816d7
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8459afd93b8d6ade-FRA
alt-svc
h3=":443"; ma=86400
iframe
visuals.kaizengaming.com/scripts/ Frame 7822 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f070010de8e57d667ddec3801fb66bcda95ba97e10464e100f5dbb27c2535e0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
age
6374
cache-control
public, max-age=14400
cf-cache-status
DYNAMIC
cf-ray
8459afd94a5b71d7-FRA
content-encoding
gzip
content-md5
pRIJ2/N21dbBjDWXiJP+cQ==
content-type
text/html
date
Sun, 14 Jan 2024 23:33:57 GMT
expires
Mon, 15 Jan 2024 03:33:57 GMT
last-modified
Wed, 29 Mar 2023 06:31:05 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
a04fe4bf-c01e-0052-1e62-31a93b000000
x-ms-version
2011-08-18
index.html
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/de-sport/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cf611d3b63f5b4d7a676e7cc9150d7234794bdc71c089609467f015b96896e

Request headers

Accept
*/*
Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-md5
+EFUa5b1CzPUFAPmo7dXHA==
age
205167
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
db8168e7-701e-0079-2c64-45ee26000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd9396a90da-FRA
6cd62ed1-db96-45ae-9d32-90a779dc044c
https://promos.betano.de/ Frame C5FF 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://promos.betano.de/6cd62ed1-db96-45ae-9d32-90a779dc044c
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
www.google.com/pagead/1p-user-list/763238947/ Frame C5FF 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/763238947/?random=1705275237268&cv=11&fst=1705273200000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_JaHhkT7Osqe1dRg_kMdiaBkS4H5ekw&random=129288881&rmt_tld=0&ipr=y
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/763238947/ Frame C5FF 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/763238947/?random=1705275237268&cv=11&fst=1705273200000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_JaHhkT7Osqe1dRg_kMdiaBkS4H5ekw&random=129288881&rmt_tld=1&ipr=y
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spn_Sporting_CP2_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
mwHkbVJHeMadNj4jxLZolA==
age
1308
content-length
19119
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B90CC485F"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f2de213c-201e-0064-2c65-45e39a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fead1d8c-FRA
spn_Benfica_2021_8_13_15_24_29_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
oEUX3HqfuPUvYFG+QZJ9tQ==
age
1308
content-length
28849
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90426BD5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c489b6a3-a01e-0045-3465-45c7e1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feae1d8c-FRA
spn_FC_Porto_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
jSdk+PY50XexolMJPt5Q0Q==
age
1308
content-length
24710
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B9072C3A5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d7b80493-701e-0056-3b65-45e3ed000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feaf1d8c-FRA
spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
JhbPFXjZywCGfmkqf6Kweg==
age
1308
content-length
25859
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90B31EB5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
129c926a-d01e-005f-5f65-45a63e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb01d8c-FRA
spn_Logo_Panathinaikos-01-3%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
XMp6ffG72oNhRO1DDx+D8g==
age
1308
content-length
19885
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90949E9D"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
00b7792e-701e-0024-4e65-45e4a2000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb11d8c-FRA
spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
ZWskDbpA4tguY75DycNraw==
age
1308
content-length
19873
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B90D37344"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0595d599-301e-0057-2965-45bc31000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb21d8c-FRA
spn_apoel%20footer_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
bqT5Gi69cDmYsDYa4bEKsQ==
age
1308
content-length
18469
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B902BB2CD"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
e169ead3-001e-0063-0165-458ff9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb31d8c-FRA
spn_apollon-logo-210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
GASNhmiazNjE2gYaQyS6Dg==
age
1308
content-length
23572
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B903379E2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ed738094-301e-000a-0565-45b6b5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb41d8c-FRA
spn_fcsb%20210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
SBVluZQtT7yiLEiEDAA5aQ==
age
1308
content-length
22894
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B907B26E7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ec607b2b-301e-0035-1b65-457e16000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb51d8c-FRA
spn_Sparta.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
/0mt5FHZVIAjX94uZVR7dA==
age
1308
content-length
5318
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B9131B23D"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9c26007e-d01e-0070-6065-45abf5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb61d8c-FRA
spn_FC%20Viktoria%20Plzen.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
QZwghOjpQSeiH/VC0Pp+5g==
age
1308
content-length
17257
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B906AFC94"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8f316440-401e-002f-6165-451fc9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb71d8c-FRA
spn_PFC%20Locomotiv.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
n8zLW8cpLiU4kbUrGnwtDw==
age
1308
content-length
17581
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90BA70A6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
21bbe1b2-001e-002e-2a65-454015000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb81d8c-FRA
spn_atleticologo_whiteoutline_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
exAxLiOKF1ZQ22Z4FzBs+g==
age
1308
content-length
15119
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B903AF2E4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
48b30120-101e-006f-4565-4518f1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feb91d8c-FRA
spn_logo_fluminense%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
3yDwl8syJHaDX8oSywlAEw==
age
1308
content-length
23395
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B908D4CA9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a3689aee-901e-005e-0465-45f9e2000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feba1d8c-FRA
FBCMELGAR.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
laAoZTUUiqFTjoKqlD93JA==
age
1308
content-length
31523
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B912187F6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4e381ef7-801e-006d-7965-45a649000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9febb1d8c-FRA
KOMETA.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/KOMETA.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
X1Is2lD/8CCkI96L9PqC6Q==
age
1308
content-length
6098
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B912A8758"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b74f4927-801e-0030-3465-45accd000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9febc1d8c-FRA
logo_pce2.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/logo_pce2.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
Wdb5g3cD4eZh2Tm0CyXe6A==
age
1308
content-length
8998
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B9139042C"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
08a97420-501e-0041-1565-454ae6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9febd1d8c-FRA
logo-betano.svg
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/logo-betano.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
/8PMtJkMzUjtMFEegZIHcw==
age
1308
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
W/"0x8DC137B902439D7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9c26003e-d01e-0070-2565-45abf5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8459afd9febe1d8c-FRA
awd_egr-award-2022-operator-of-the-year.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
aXcrchTaRow4V+J4yNZSjQ==
age
1308
content-length
4512
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B9103A407"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ae6732a2-f01e-0067-4d65-4502fe000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9febf1d8c-FRA
awd_egr-award-2022-sports-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
eXjGNE64RFjnYc6aOBQYqw==
age
1308
content-length
4692
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B910E29D6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
48cafdcd-e01e-0054-3f65-455d55000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec01d8c-FRA
awd_egr-award-2021-football-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
QL48N56WPpNnD2BJCbdfrQ==
age
1231
content-length
6010
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
etag
"0x8DC137B8F8921C0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
981f3511-b01e-0066-1965-455d22000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec11d8c-FRA
awd_egr-award-2021-customer-services.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-customer-services.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
p3VebR5AVw3QzT/Awp05+w==
age
1231
content-length
4583
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
etag
"0x8DC137B8F81F6D4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b04b33ea-401e-0000-1865-451202000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec21d8c-FRA
awd_egr-award-2019-mobile-operator.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2019-mobile-operator.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
44fs+40EJE8j1DmLrNorsQ==
age
1231
content-length
6296
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
etag
"0x8DC137B8F7AA4E7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
21bbe1d1-001e-002e-4565-454015000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec31d8c-FRA
awd_sbc-awards.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_sbc-awards.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
+S8h4H5YiK6h8Y4RwrAOJQ==
age
1231
content-length
6301
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FA13A20"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ed369c2a-601e-0028-6f65-4573aa000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec41d8c-FRA
icon-ios.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-ios.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
j0GjjlDNvp6PdAbk4d+Rqg==
age
1231
content-length
5932
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FE69D7E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
129c92a9-d01e-005f-1265-45a63e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec51d8c-FRA
icon-android.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-android.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
Xcsdo6ehQR3VQfTMT595Zw==
age
1231
content-length
5944
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FCD4CE5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
37c1f693-e01e-006b-5265-4595f6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec61d8c-FRA
icon-instagram.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-instagram.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
AUubypnMN2JeRlPkf9zpnQ==
age
1231
content-length
2235
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FDED674"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a596d47c-701e-0046-1b65-452685000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec81d8c-FRA
icon-facebook.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-facebook.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
DmyyMSlBYTT52o9Zn45TeA==
age
1231
content-length
1446
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FD513DD"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
129c92af-d01e-005f-1865-45a63e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fec91d8c-FRA
icon-youtube.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-youtube.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
Io37aBC4ERo7T8rJ2LvIeQ==
age
1231
content-length
1674
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FFC9351"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9f492280-e01e-0019-7565-4592b9000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9feca1d8c-FRA
icon-linkedin.png
landingpages.kaizengaming.com/de-sport/ Frame C5FF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
HIT
content-md5
T9Bl2/9ajIjSJ/Oj1zQkFw==
age
1231
content-length
1615
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FEE6492"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
af182ff4-801e-0020-0165-4569a5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8459afd9fecb1d8c-FRA
dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame A109 		42 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Requested by
Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=COWCjqaF3oMDFdlmkQUda4kI3A;src=12738953;type=despo0;cat=despo0;ord=6266144985813;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12738953.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame AFCC 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Requested by
Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CLuWjqaF3oMDFQNhkQUduE4FFA;src=12738953;type=deaff0;cat=deaff0;ord=1082937440663;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12738953.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ Frame C5FF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 15 Jan 2024 00:13:45 GMT
64ee070c262380ef28e936b2
visuals.kaizengaming.com/a/ Frame 7822 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
8459afda0ad471d7-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
234568464078651
connect.facebook.net/signals/config/ Frame C5FF 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/234568464078651?v=2.9.140&r=stable&domain=lp.cleverwebserver.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9d3978244fe6c0e3061c3ada11ae4832c0f38b031ca6b86324cdbd82ec79de0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 23:33:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35682
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
qjz2XUX+ERI9Lf/K4pLy+COn7gL3NqsZzP9gOOsDW9am5kpr3pBXe0xWoLbRye+UXhNjwGRPXvU13acI4FHmAQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
137000673.js
bat.bing.com/p/action/ Frame C5FF 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137000673.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 14 Jan 2024 23:33:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9FFBEE43FD8C41CDB21227D7EA768DD2 Ref B: FRAEDGE1206 Ref C: 2024-01-14T23:33:57Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame C5FF 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=eb8ce16b-05cb-4875-9810-c5f38e13d716&sid=633bb1c0b33511eebb5db398b43f25d7&vid=633bf100b33511ee95ac0d2d06a6d131&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=329&evt=pageLoad&ifm=1&sv=1&rn=476733
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 14 Jan 2024 23:33:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1A3F00C3E1574A98B432EF8B90E0B231 Ref B: FRAEDGE1206 Ref C: 2024-01-14T23:33:57Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api-js.datadome.co/js/ Frame C5FF 		230 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: dd.betano.de
URL: https://dd.betano.de/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.108.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-108-144.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
1511a7f14c7f38f96821636aad6cba35bb3e2e11293c2fcc4c9583649ca2ae0c

Request headers

Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
230
expires
0
main.js
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame A253
Redirect Chain
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc833987bf23f2b75889d4db0bfb0789eba6b1ed1d32484678cbb5f8065dc46f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8459afda7b1471d7-FRA

Redirect headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8459afda3af171d7-FRA
59013e41-1b63-4d8e-a887-ea6d3795d988.js
tr.snapchat.com/config/de/ Frame C5FF 		177 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.8.0-2401042024
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
Origin
https://promos.betano.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://promos.betano.de
x-envoy-upstream-service-time
91
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
i
tr.snapchat.com/cm/ Frame 5AA0 		0
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=b35f2f27-6f15-46a9-a6c8-e00a7e6432f6&u_sclid=85d4c17a-ef2b-4ac2-b906-92fc7fa9be8b
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 23:33:57 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ Frame C5FF 		68 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=8217004b-01be-462e-8125-e8edff22c37f&u_sclid=85d4c17a-ef2b-4ac2-b906-92fc7fa9be8b&u_scsid=b35f2f27-6f15-46a9-a6c8-e00a7e6432f6&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=328&m_ic=true&m_pi=324&m_pl=0&m_pv=2&m_rd=663&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=96504ce7-1137-4aed-8b44-7544e9fa4334&ts=1705275237472&v=3.8.0-2401042024
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
/
track.adform.net/Serving/TrackPoint/ Frame C5FF
Redirect Chain
  • https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.d...
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betan...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos....
121 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
194
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=311384574014&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
track.adform.net/Serving/TrackPoint/ Frame C5FF
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=710625879029&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2F...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=710625879029&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspak...
125 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=710625879029&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
196
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=710625879029&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
document.000000CF16561F.js
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame 7822 		177 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
rIrlDQ43Y2HScKgRpGejWA==
age
448
x-ms-lease-status
unlocked
last-modified
Thu, 16 Nov 2023 15:35:17 GMT
server
cloudflare
etag
W/"0x8DBE6B9A2912048"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5a0e1f11-e01e-0037-2725-23077f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2011-08-18
cf-ray
8459afda7b1a71d7-FRA
expires
Mon, 13 Jan 2025 23:26:29 GMT
animated-creative.381532d5d5de3962867f.js
visuals.kaizengaming.com/scripts/ Frame 7822 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
7/+J+TpFL/6K7/yG6MNwEg==
age
448
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 09:16:12 GMT
server
cloudflare
etag
W/"0x8DBE4F258FA183A"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
31154f4a-401e-003e-1def-1642ac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2011-08-18
cf-ray
8459afda8b1b71d7-FRA
expires
Mon, 13 Jan 2025 23:26:29 GMT
8459afd94a5b71d7
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A253 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/jsd/r/8459afd94a5b71d7
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
content-encoding
gzip
server
cloudflare
cf-ray
8459afdaeb6771d7-FRA
content-type
text/plain; charset=UTF-8
1x1.gif
a.mgid.com/ Frame C5FF 		43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1705275237616
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8459afdb2ca96ade-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
p
tr6.snapchat.com/ Frame C5FF 		0
43 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/ Frame C5FF 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1705275237712&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1705275237444&coo=false&cdl=&rqm=GET
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 14 Jan 2024 23:33:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame 7822 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/webp
6af3d2f6-b4b5-44a4-9b35-3c342c888dc1
https://visuals.kaizengaming.com/ Frame 0715 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://visuals.kaizengaming.com/6af3d2f6-b4b5-44a4-9b35-3c342c888dc1
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
visuals.kaizengaming.com/fs/api/v2/ Frame 7822 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d587f37375f04e96eab2c6a99a21b2eed9a6a8de60d031bb44c1df45ef66a8

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:04 GMT
server
cloudflare
age
2815073
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff
cf-ray
8459afdbdbfe71d7-FRA
expires
Mon, 13 Jan 2025 23:33:57 GMT
font
visuals.kaizengaming.com/fs/api/v2/ Frame 7822 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc55f963e75ea7de03dbb4aad685c49d2f3953a7ef4b953d31e0c8bf85568e5

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:09 GMT
server
cloudflare
age
2815068
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff
cf-ray
8459afdc0c1e71d7-FRA
expires
Mon, 13 Jan 2025 23:33:57 GMT
font
visuals.kaizengaming.com/fs/api/v2/ Frame 7822 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157802953599900e5239e3d85df4ce35e96b5713ef19a4da461f0cfee8e8ae7c

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:12 GMT
server
cloudflare
age
2815065
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff
cf-ray
8459afdc3c5371d7-FRA
expires
Mon, 13 Jan 2025 23:33:57 GMT
font
visuals.kaizengaming.com/fs/api/v2/ Frame 7822 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f7f588992aab365551655fb714b91ca6d3668d040e2fd3a23c7c6860ddea0a

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:33:57 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:14 GMT
server
cloudflare
age
2815063
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff
cf-ray
8459afdc7c8871d7-FRA
expires
Mon, 13 Jan 2025 23:33:57 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		334 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:01 GMT
api-supported-versions
2.0
server
cloudflare
age
80637
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afdd9d5571d7-FRA
content-length
341852
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 04:42:29 GMT
api-supported-versions
2.0
server
cloudflare
age
67889
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afdd9d5671d7-FRA
content-length
56928
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:00 GMT
api-supported-versions
2.0
server
cloudflare
age
80638
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afdd9d5771d7-FRA
content-length
30628
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:00 GMT
api-supported-versions
2.0
server
cloudflare
age
80638
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad5971d7-FRA
content-length
13040
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:00 GMT
api-supported-versions
2.0
server
cloudflare
age
80638
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad5b71d7-FRA
content-length
11302
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:00 GMT
api-supported-versions
2.0
server
cloudflare
age
80638
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad5c71d7-FRA
content-length
6620
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:00 GMT
api-supported-versions
2.0
server
cloudflare
age
80638
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad5d71d7-FRA
content-length
16182
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:00 GMT
api-supported-versions
2.0
server
cloudflare
age
80638
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad5e71d7-FRA
content-length
29032
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 01:10:01 GMT
api-supported-versions
2.0
server
cloudflare
age
80637
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad5f71d7-FRA
content-length
176540
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 04:42:29 GMT
api-supported-versions
2.0
server
cloudflare
age
67889
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad6071d7-FRA
content-length
6958
expires
Mon, 15 Jan 2024 23:33:58 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame 9C1C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 04:42:29 GMT
api-supported-versions
2.0
server
cloudflare
age
67889
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8459afddad6171d7-FRA
content-length
7696
expires
Mon, 15 Jan 2024 23:33:58 GMT
a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		462 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
db1RviXCYsfCGJyPhdZBgQ==
age
380
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB98082775296F"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6787b4c4-b01e-0067-4583-33c52f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6271d7-FRA
expires
Mon, 15 Jan 2024 03:27:38 GMT
e97b0b38-2076-4e93-b438-b20020972f61.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		712 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Wj2Rm4rI4ts1bvK6/OwKuA==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808278220AD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e858fe47-801e-0021-20e0-15f1a8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6471d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		716 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
wOI1kvcZ2lxVvarwrZkpVw==
age
380
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB980827807321"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d6c2ef23-901e-0060-4add-2ea94c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6571d7-FRA
expires
Mon, 15 Jan 2024 03:27:38 GMT
44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		699 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
6T5iHY4kR/cqRXlJfcIgeg==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB980827A0A29B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a2f82c28-201e-0065-2cfb-237b97000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6771d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
50881c1d-287e-498a-abef-0967eee64053.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		705 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
OGNNML/bbmYzG3WVI4K2vw==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB98082797A2B0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6a0f38ec-e01e-0027-7a4a-14c217000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6871d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
68caeb64-8770-4732-8cdc-b287d26e232f.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		711 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
H8vQZgECIVhMUK6iBn/x3A==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808278D9165"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ab2aef30-c01e-006d-78a8-3a6198000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6971d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		713 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
PGPRbIvWC6EgP2XMl5G9Xw==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808279A137F"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
746f7004-b01e-0015-249f-21c260000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6a71d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		701 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
kbsYe45EOgyN0lklvpvsrA==
age
404
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808279B4BE1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5bf87c37-801e-000e-4e50-23fc63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6b71d7-FRA
expires
Mon, 15 Jan 2024 03:27:14 GMT
4d170477-b2d8-4716-ba89-5383a384fb5e.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		701 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
CP5dckuzFGRJ6dKK7x8ltA==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB980827905047"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
59d1adb6-801e-0021-73e0-27f1a8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6c71d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
dIIZsAgREGCk+L7z+CtKvA==
age
357
x-ms-lease-status
unlocked
last-modified
Thu, 10 Aug 2023 10:33:34 GMT
server
cloudflare
etag
W/"0x8DB998D3FC6613A"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e75409d1-301e-0046-2cdd-0bd9a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6d71d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
7d019101-6c40-47bf-b456-9289e9bf3d69.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		454 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Fe9zUTUCieFRBF6mOTWgjw==
age
408
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 09:01:14 GMT
server
cloudflare
etag
W/"0x8DB97EE04CD7BF6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
01f77194-801e-000e-15e5-27fc63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6e71d7-FRA
expires
Mon, 15 Jan 2024 03:27:10 GMT
f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 9C1C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 23:33:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
52m6i3E5yoDqe8bIckaoJg==
age
357
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 09:01:14 GMT
server
cloudflare
etag
W/"0x8DB97EE04CF5095"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9ad2a5ca-201e-0007-179e-21b9b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
8459afddad6f71d7-FRA
expires
Mon, 15 Jan 2024 03:28:01 GMT
p
tr.snapchat.com/ Frame C5FF 		0
90 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Jan 2024 23:33:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://promos.betano.de
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
visuals.kaizengaming.com/tr/v2/pixel/ Frame 7822 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/tr/v2/pixel/
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Jan 2024 23:33:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8459afde0dbd71d7-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
12738953.fls.doubleclick.net
URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=CO6_iqaF3oMDFTZGkQUdcmEARA;src=12738953;type=despo0;cat=despo0;ord=610487147;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| CloudflareApps undefined| $ function| jQuery object| _wpemojiSettings object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_captcha string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdMobileMenu string| tdMobileSearch object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_ad_background_click_link string| td_ad_background_click_target object| block_tdi_98 object| block_tdi_120 object| block_tdi_123 object| block_tdi_131 object| block_tdi_143 object| block_tdi_165 object| block_tdi_178 object| block_tdi_179 object| block_tdi_184 object| block_tdi_239 object| block_tdi_240 object| block_tdi_241 object| block_tdi_242 object| block_tdi_243 object| block_tdi_244 object| block_tdi_248 object| block_tdi_251 object| block_tdi_252 object| block_tdi_257 object| block_tdi_258 object| block_tdi_259 object| block_tdi_260 object| block_tdi_263 object| block_tdi_266 object| click_object object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_delete_site_cookie boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdBlocks object| td_history object| tdHeader object| tdCustomEvents object| tdEvents object| tdPullDown object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdConfirm function| onYouTubeIframeAPIReady string| tdModalImageLastEl object| tdSocialSharing function| tdModalImage object| addComment object| _stq undefined| eventHub object| tdcPostSettings function| tdbGetMobileTemplates number| sc_project number| sc_invisible string| sc_security function| gtag object| dataLayer object| tdLoadingBox object| tdbMenu object| tdbMenuItemPullDown object| tdAjaxSearch object| tdInfiniteLoader object| tdSmartSidebar object| td_res_context_registered_atts function| _statcounter object| google_tag_manager object| google_tag_data object| gaGlobal function| st_go function| linktracker_init object| wpcom object| CleverCore boolean| CleverCoreLoaded object| twemoji object| wp

29 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: dc4e3509882e40c68a170453af779220
.desteptarea.ro/ Name: sc_is_visitor_unique
Value: rx12932177.1705275236.EAC72920391C4F6B3DD9EDAFA4753B03.1.1.1.1.1.1.1.1.1
.desteptarea.ro/ Name: _ga_X1VRQ4MQEN
Value: GS1.1.1705275236.1.0.1705275236.0.0.0
.desteptarea.ro/ Name: _ga
Value: GA1.1.652875248.1705275236
www.desteptarea.ro/ Name: clever-last-tracker-51407
Value: 1
www.desteptarea.ro/ Name: clever-counter-51407
Value: 0-1
.statcounter.com/ Name: is_unique
Value: sc12932177.1705275236.0
.statcounter.com/ Name: is_visitor_unique
Value: 1705275236914236529
.desteptarea.ro/ Name: cf_clearance
Value: NhzCIZdqL7RJrJ8Hg0_Ev7Yo1e6TX9NH5JaXyyiRVE0-1705275236-0-2-4e470ce2.55440b53.85d0e24c-0.2.1705275236
gml-grp.com/ Name: CEK
Value: a
.gml-grp.com/ Name: __cf_bm
Value: _cQtLlWdbP7fN3u3tiGTnXbv_VKe5S8njfVthC2rayQ-1705275236-1-AcElAvW50h799TzwDrFWR79L4fqstTzdvetToEFMGpiZFqC3Kjn5XbJnwb3wWa07TNNnXQpLoPOH4MqDjHIEWJA=
.gml-grp.com/ Name: _cfuvid
Value: ZZo_vgdT9R_f3TY7glqZuGAI42Jgl1RhQwoC4QxoDxk-1705275236915-0-604800000
gml-grp.com/ Name: XYZ
Value: 120&0&148&&&&0&1&&79afa9a8-a654-4a4e-8a25-5fedb7eb5173&&a_826b_2931&
gml-grp.com/ Name: A_2931
Value: a=2931&r=0&fv=0&lv=0&vc=0&fc=20240114&lc=20240114113356&cc=1
gml-grp.com/ Name: PM_11
Value: id=aea8ffab-2443-432f-a948-d8ac1981c7c4&c=JSABMVPAIIDAADE&s=826&ad=2931&md=0&pm=11&d=20240114233356&ip=0&r=0&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&RedirectParams=btag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&cip=MjAwMTphYzg6MjA6M2EwMDoxMDExOmEwNzA6MzY3YTpjMTIz
.betano.de/ Name: btag
Value: a_826b_2931c_JSABMVPAIIDAADE
.betano.de/ Name: __cf_bm
Value: XTpZ2I_4q18sP8xsDynF0quvVJ5SyADY2bPB5UL0FlA-1705275237-1-AU+ccMPWGk/t6BPc5ow+jUf/JRaZH3Edw5DYlTacXTiV7W81tltXT3zb7ODKe88Sc8Djy5XeBO6p63uZQYDJqsY=
.betano.de/ Name: _cfuvid
Value: rczLjP16mn5UErq6wnSquV9_toSctCe6JChbr7we5yQ-1705275237069-0-604800000
.kaizengaming.com/ Name: __cf_bm
Value: HvKmBteoOrYKDvdj2Xox.iM1e1FkeHdRG1n0XrUqxSw-1705275237-1-AXYRVvRq2e54vfG+2EfLJp+crq9DhLesQTkdzaeam6wtG+9oeteCcguq9cZR5IweJOh5/0SWwAGCD1YaRRNGf3s=
.kaizengaming.com/ Name: _cfuvid
Value: woGFbrwFqqsOpUxZNVklEInMidIc6H46NlYQBuKGcEg-1705275237199-0-604800000
.betano.de/ Name: cf_clearance
Value: U.uio2asEBoDzsdWuMrY8AQ6j0IpaeKuTytxdJoWDSY-1705275237-0-2-4e470ce2.85d0e24c.19465302-0.2.1705275237
.doubleclick.net/ Name: IDE
Value: AHWqTUld_54fhTALq1Eq_8DCdPWzyh_OY_d53v7uCqPaQzQMUguEbxEHP8tMyudC44c
.mgid.com/ Name: __cf_bm
Value: y5TBlrufqoNooDycX9n4q79PhxDQQKmyIGsBi6.LSHE-1705275237-1-ASYfAMJHeyTZjiZ03/KCAn6GcbbybXkPP+37I+MyYThuGDM+1PUgTMXrnB6Cg+S7A9mVTmGxGPchi6IAFSZ93Qo=
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIkAPxx7knMgXD2364LBLSiCvuuuWvhiy282yr9jOzUsMyDDn6AITFEvEyAAAA
.bing.com/ Name: MUID
Value: 0D004645921D6AFB0123524393CF6B32
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.kaizengaming.com/ Name: cf_clearance
Value: m6008DCQa_YdsBBf0DOB0i6.EtNJGZSMfVwUGAv3Mfo-1705275237-0-2-4e470ce2.85d0e24c.19465302-0.2.1705275237
.adform.net/ Name: uid
Value: 532587527659206900

7 Console Messages

Source Level URL
Text
network error URL: https://promos.betano.de/willkommenspaket/Rectangle.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/bullet.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/banner2.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/banner1.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/Rectangle.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/banner3.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/234568464078651?v=2.9.140&r=stable&domain=lp.cleverwebserver.com(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
a.mgid.com
adservice.google.com
api-js.datadome.co
bat.bing.com
c.statcounter.com
call.cleverwebserver.com
cdn.jsdelivr.net
code.jquery.com
connect.facebook.net
dd.betano.de
fonts.googleapis.com
fonts.gstatic.com
gml-grp.com
googleads.g.doubleclick.net
i0.wp.com
landingpages.kaizengaming.com
lp.cleverwebserver.com
pixel.wp.com
promos.betano.de
region1.google-analytics.com
s.w.org
s2.adform.net
sc-static.net
scripts.cleverwebserver.com
sender.cleverwebserver.com
stats.wp.com
tr.snapchat.com
tr6.snapchat.com
track.adform.net
ui.cleverwebserver.com
visuals.kaizengaming.com
www.desteptarea.ro
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.statcounter.com
12738953.fls.doubleclick.net
104.20.95.138
142.250.181.230
142.250.185.130
143.204.207.250
18.192.108.144
18.245.46.81
192.0.76.3
192.0.77.2
192.0.77.48
2001:4860:4802:32::36
2606:4700:1::6813:814c
2606:4700:3032::6815:40a7
2606:4700:4400::6812:24ac
2606:4700:4400::6812:2a64
2606:4700:4400::ac40:934d
2606:4700::6810:5714
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
2a06:98c1:3120::3
35.190.43.134
37.157.5.73
37.157.6.243
01be3b09ff08b902fbf43a706aca14b09af89436ce97bd20e82d2ba7d1a6a64b
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984
04647840b1b815ef28f377da140c4bc45821a5772d1d4e32a2baf3b754c6574b
05bd571ea670c264efcd43b8c6377b499d34cf2fe10fe4202dfdb2a3890e7885
077d9072438a487dbe881fb0fde1aff2988eb4dd4c871b23798f6e00c10aa40f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d
09eac31468c9ccc4e1a3b9411f14296b3d0dc4062f4378e4c38070e15c268075
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0cc4f867a343a82689f30c1224ab9afbdaebd5207e037fc77b99de31425cba91
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7
12f7f588992aab365551655fb714b91ca6d3668d040e2fd3a23c7c6860ddea0a
1511a7f14c7f38f96821636aad6cba35bb3e2e11293c2fcc4c9583649ca2ae0c
157802953599900e5239e3d85df4ce35e96b5713ef19a4da461f0cfee8e8ae7c
15b7bd9477070838750f61746626ffc53ddae65b39680ac485d22d13794ae96a
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74
171b52327c92328999d34a6409855714238bcbf554c4367b08e72fb5c80ff5b8
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf
18768a835b126e690179add562634933484fcf917aff265856fc3febeee7c3db
19d3bc711c5bb20c16325d434c766ea9daa5e448f5cfef3259c7675abfebbcb9
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f
1c0f19d05c31552677c3717dd15e46d2d42903c8ffaa00adeece91c45c19665f
1fdd7a144b36adb6e59813e4e94ece504a3d5fef595cb2a9fb20320d06d2a098
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86
2236c8ecbf0e9e4e7d280de8b8e69e2f768e43ca26e529c813ae38287d5d7b8b
2245285a8ccda188395559d75e32d8450f722c98cf130079efe9a404a16c7107
27dc380caf238d7c417fac471ec5902c8cf73e9dccfddcd489e8cd5df0d8a948
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac6000bbe837f2a43dee3fb96ffca93a295df50a05c78c0399966f80955addf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500
30afaa4f3695ec3d2b03c378dd7d3aa49aad4b9ca26ec08fd7f32822a32a8655
345d30bfda363b5caab40c08fd96746739a9c5be673a0887cc4d16fc264132af
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de
3743f50c5cc9555c86c456716c1ada09dacbe2dbc8fc2c3b4c72f0bd84c2f7fb
38793abd47e804032b94c26bb34ed5ee269d88a71dafe447498536523146c8cf
3c0b1c989b2bfea121efdc5d4bb7a17b57b47038baf1809405461f353cdf453f
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f
480b320b7d1171f2bba5130550c9a7de6df42e94c03805e33de99255f43a0d8e
4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240
48b4bce0dc726ddd349280159514b9ac13d37c849a04fba5b2e6c7fadef98aa2
48d587f37375f04e96eab2c6a99a21b2eed9a6a8de60d031bb44c1df45ef66a8
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00
4c8e252ca4e5d2d5e9ed4b681995105f525e35bab43539d099d4eb50ba345902
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22
5203e80b3c2052f6e01718d37241ca1bcc261ac5dcdab29cfe7255c2e4a2b227
523762d6589fbd8cdf6ae37fedb69e5c53aa492691908a78531e6417b87d6873
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52af4a707c20f15281abce98cd9e58502a98a466ce2896e977afe34c2b6a2f32
534887e4810666f8febc04934d67e2dad8e68842107a9cb2da6f527fa6a0428a
5820bab8388c31b58a24f1930839b761838e25f2fb62bf01defe79682df91434
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f070010de8e57d667ddec3801fb66bcda95ba97e10464e100f5dbb27c2535e0
5f78c29436555778230f47920e027b3a98f278553684bc202ac9391aa89e2e1c
61b3dd59d96ccb0a59f1ea38a47aae3d5d3314490772a4471b9ec889c04b88c2
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1
649548b779f30cb63e141770df9c1fd2aec5de08cdea49c4c9f8d8a5180a4ea6
67748f8cd5f52677bbeb04e15eadf694f50793e7b7f015607c5d1a78b2ccd2aa
6902c494f155dafcadfb24f795da7ccf627052547d66b35053ca3582a78ffb47
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
6b3008f2261127f32e84eefc5c190582bc2c769977b045a8df76fd6d86bb4d2c
6bc55f963e75ea7de03dbb4aad685c49d2f3953a7ef4b953d31e0c8bf85568e5
6fad8a48a73e5e07dc0d45d6ec77bc203c9f03c145973f48bfd9b2388d8b5ada
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
83a9d1c1b33a4f2c317f1519d34ff980b8fcc49330f368ca44e7e5f7974db772
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc
83e2cad04c8ef32b86de276e74364c2476e9b1634ddb687ecdb9da3b5479db67
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625
84ff5956551fc72f1de653dbcc731847e839614696a06b6fb65bc900993b6c9c
86dd9db9351238b225bf1ed74e5c25c6bc013460366dd41775ac2dbf62cd2300
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3
8834768897bb19af020b5c6afbbf0f981c17f4c15c444925c5a70348347fcb20
890c3d78866ed60088a8a27ebf164417a6f45090bce7a152beb602000c13e029
890de6bda19513dfccb36d66c3551c4d3ff55f47ca9f65def1f8551c7c1543e5
89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3
8ab75b37e150efe65cdfd300029b88de8355d72c7bbb5d2055f902aeaec3c14d
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335
91ac9b215d2e2d8b8330b9f3bf9f87aabad95656aadaec0796915794b566007d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7
a6669d5e7c502e78f47641fdc65a7490656d7b0e567cf155e7f51df8d750c378
a91d91bb1ca4c7eb188fbf2d6529173468f3e12b75aabd4ef301710815901626
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125
ab43d4bb1bcdb0f183d0df005eb940e8dcfa4e6a1f3ec11d72bd51fa8eb5ac93
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5
ad1f2971f38af30b421c36492c40962e08af17299748c673d62489a97cd429a9
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad
afcc663536de33d814d9d34e095d967c24ce211d814f8957ff9ff313bea37693
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49
b11c68015534cd3b9cdab77a80b64731487de92658f9786cd907794ba48c09a0
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697
b1df83f5da497d02441ee7898515886d42aa8f18e0f9cf38e110d6b470f15763
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b
b59c9c9f7ecb8ef4248f37c732ab7db0df848a11185fb1116d6763e24fb5b842
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03
b696652d817d82744bb5a64a9e78cd1e029b3364f0881e9d9ad1ce28fc7e6003
b6fadb7b5cb6b998d671ea9a5da3e2dd44f84dd38220f21a320f08eda3040546
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb429185dfa559bff451e975045b1b55d4aae3e051da009a47c3510bff45a68d
bc53300aaf62e4f20ebd24fc67bfd1f363dbffad8bef0a71d62a28fadaf6f436
bc833987bf23f2b75889d4db0bfb0789eba6b1ed1d32484678cbb5f8065dc46f
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf
c2430aad2b6a33948dc064cfaee8ad65ff9e3ca439834f3aaa84abec3d10dea8
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048
c84c2b7321ad8eb40f83e070818c856e6ce0081e36bcb0c052cdc20ab9dfaaa4
c9d3978244fe6c0e3061c3ada11ae4832c0f38b031ca6b86324cdbd82ec79de0
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208
ca8ab1a0ac9c26942bdc4e0ecc6813dde09c8fcf4a026e646c9e298ac14df58f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d01bd8a88346497a1af35f635c4ce5a9b976b72d6400336bb7cb4bd283640a0e
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
d4bbf54832b17abc299e1a47ff0d4568745afc8f373b0bda4fa99e8c519dcd92
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101
d9cf611d3b63f5b4d7a676e7cc9150d7234794bdc71c089609467f015b96896e
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9
db69172c2acd025aa390bdbb5bdf638926400d7eb3a1662ffb21572fd2a73ba3
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5897a8849de15a2ad907e8774d83685f49fd94cb15d986aa6333b9bb74dd106
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f14482819130cf9f52bd7f0b79b9d80112c36ee6cf840dc9440586e68ed5ae84
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426
f1c62d99354195470e5b00ea8c9590bfc5810e78bf2e16fd72ae60785c19e0be
f39fb09590a254d659b848446fe21a9155c886420fd119cd42e140ff5e8c09c1
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4bbc2bf47fda8157880cd1b33f76c49d8af6825c3dbc15df63e625d8b35df65
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850
fb58b28c310526256da6d2e7a1c921ca7307c442db07e3e1dabb9a0096819378
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0