gg-bet.de Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freecryptoevent.com/
Effective URL:
https://gg-bet.de/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On July 22 via api (July 22nd 2023, 1:42:47 pm UTC) from DE — Scanned from DE

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 59 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gg-bet.de.
TLS certificate: Issued by GTS CA 1P5 on July 12th 2023. Valid for: 3 months.

This is the only time gg-bet.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3032::ac43:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
16	172.64.99.3 172.64.99.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
59	12

5 2606:4700:3032::ac43:9062 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freecryptoevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

whairtoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.64.99.3 (United States)

ASN13335 (CLOUDFLARENET, US)

allcommonstories.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

gg-bet.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gg-bet.de gg-bet.de	406 KB
16	allcommonstories.com allcommonstories.com — Cisco Umbrella Rank: 73242	67 KB
5	freecryptoevent.com 1 redirects freecryptoevent.com	34 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1815	21 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11219	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	139 KB
2	whairtoa.com 1 redirects whairtoa.com — Cisco Umbrella Rank: 377135	13 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 35583	465 B
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	1 KB
0	amunfezanttor.com Failed amunfezanttor.com Failed
59	11

	Domain	Requested by
24	gg-bet.de	allcommonstories.com gg-bet.de
16	allcommonstories.com	allcommonstories.com
5	freecryptoevent.com	1 redirects freecryptoevent.com
3	my.rtmark.net	whairtoa.com allcommonstories.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	gg-bet.de www.googletagmanager.com
2	whairtoa.com	1 redirects freecryptoevent.com
1	region1.google-analytics.com	www.googletagmanager.com
1	datatechone.com	whairtoa.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	freecryptoevent.com
0	amunfezanttor.com Failed	allcommonstories.com
59	12

This site contains no links.

Subject Issuer	Validity	Valid
freecryptoevent.com GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
whairtoa.com R3	`2023-07-16` - `2023-10-14`	3 months	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
allcommonstories.com GTS CA 1P5	`2023-07-06` - `2023-10-04`	3 months	crt.sh
gg-bet.de GTS CA 1P5	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gg-bet.de/
Frame ID: F13CCFBBD02E0D0A66C3D1DA7EBF1665
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GGBET Casino Österreich - offizielle Seite

Page URL History Show full URLs

http://freecryptoevent.com/ HTTP 301
https://freecryptoevent.com/ Page URL
https://whairtoa.com/4/4138880 Page URL
https://whairtoa.com/?z=4138880&syncedCookie=true&rhd=false HTTP 302
https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z... Page URL
https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z... Page URL
https://gg-bet.de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

59
Requests

95 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

698 kB
Transfer

1504 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freecryptoevent.com/ HTTP 301
https://freecryptoevent.com/ Page URL
https://whairtoa.com/4/4138880 Page URL
https://whairtoa.com/?z=4138880&syncedCookie=true&rhd=false HTTP 302
https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
https://gg-bet.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://freecryptoevent.com/ HTTP 301
https://freecryptoevent.com/

Request Chain 9

https://whairtoa.com/?z=4138880&syncedCookie=true&rhd=false HTTP 302
https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

59 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
freecryptoevent.com/
Redirect Chain

http://freecryptoevent.com/
https://freecryptoevent.com/

11 KB
5 KB

70ms
43ms

Document
text/html

2606:4700:3032::ac43:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freecryptoevent.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80002d5f47c9055e539477080a0d0786dc360cf050cebb3c9c4dca7ca6b59fab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7eac1bc18bd003a6-FRA
content-encoding: br
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Sat, 22 Jul 2023 13:42:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIgTvSHD6%2BkC0djNeUMHLZqWgvRJoKSDBJwPJR7MYVIoz%2BOJFW51e4E6f5le6wghKGG7sqpyLJ7%2BUN2J2FNGlUJLxwh0ywUjFe4jwH3UqXm5wPRhHsUpNS01koG4A9hoKxDNqF8i4d0jRBwZF3t6XKmw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7eac1bc13fb54d76-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 22 Jul 2023 13:42:42 GMT
Expires: Sat, 22 Jul 2023 14:42:42 GMT
Location: https://freecryptoevent.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od49TsLWX5uBD1tGcBKLlTbD6AjVUFx%2FTftTa83n7STZHy4rxr9yV3tfQJ%2FqbowjPJyN%2BveCewPhC3SIlbYIJehLfLpVAk6W5TIkJXZ7y4C0PE6B4%2BxJU1c8x2g%2Bp6V7KCyV3stXBPR91IK9jurS%2FrSC"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 16pixels.min.css
freecryptoevent.com/assets/ 177 KB
26 KB 70ms
70ms Stylesheet
text/css 2606:4700:3032::ac43:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freecryptoevent.com/assets/16pixels.min.css

Requested by

Host: freecryptoevent.com
URL: https://freecryptoevent.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

626015de3c15c36e935ebb48c494f337a172c4d00f35836b3bf97a27108f8e26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freecryptoevent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 05 Jun 2021 17:46:00 GMT
server: cloudflare
etag: W/"60bbb858-2c512"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlFUFAl%2BWxttR8CjXH7wVkW0Nfx54Mizs7rjR12V8cADiQKDoPRx47t%2F5UxySHLFz1Fm%2FGuwPLOgW05bzvTY9ojf91Rj4It4NMmvxhxGKqa4%2BJtofk%2FghccLGBBfxosnrhtKaTdOENkrKdSW6RUiLCtY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7eac1bc1dc4203a6-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: freecryptoevent.com
URL: https://freecryptoevent.com/assets/16pixels.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jul 2023 13:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 12:51:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jul 2023 13:42:42 GMT

GET
H3 200 react.min.js Show response
freecryptoevent.com/ 1 KB
1 KB 48ms
48ms Script
application/javascript 2606:4700:3032::ac43:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freecryptoevent.com/react.min.js

Requested by

Host: freecryptoevent.com
URL: https://freecryptoevent.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0139c05c272d63ff6aa4cecaacb15556014ce006ab6fc9559f273f515548b951

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freecryptoevent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld06InPsCCZz4tnqirsH1J5wU16K%2BtPz5y0htuUb0e0r5guCyfJzvlnTXvYldeiqPghxltuLnb27jHMSzRvA2krbjCiyiilUPnUsoQ3mt%2FTyyuEww98R8NN74k0oesvmeDRK%2B%2FFnTG%2BMuQ%2BCNi31Bzw2"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 7eac1bc29dae5b6e-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freecryptoevent.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:46:26 GMT
x-content-type-options: nosniff
age: 161776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 16:46:26 GMT

PATCH
H3 403 react.min.js
freecryptoevent.com/ 206 B
719 B 45ms
45ms XHR
application/javascript 2606:4700:3032::ac43:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freecryptoevent.com/react.min.js?_9219279072640899

Requested by

Host: freecryptoevent.com
URL: https://freecryptoevent.com/react.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freecryptoevent.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNfGTIhdHfMWTtG1KPTRkCT8Ao%2FZNyDPEYir2R%2F%2BJseVZT4omOCGW73tWPq0Ye8A%2F5EkXFl4PzHSEK5EUg10uvHpEVywXmJYnNHBpKt%2BrLRPriy9PTP7%2FnsUwpSTvLgmK4KUY78Vj7Yvad34PveOXke%2B"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 7eac1bc2fde75b6e-FRA

GET
H2 200 4138880 Show response
whairtoa.com/4/ 27 KB
12 KB 76ms
25ms Document
text/html 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whairtoa.com/4/4138880
Requested by: Host: freecryptoevent.com
URL: https://freecryptoevent.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a599c0ddf3716fff37f8d34d186e218caac17862312c2ff45faa824e64c80cff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 22 Jul 2023 13:42:42 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 07b0fbdac40454d19b600bf685a278fc

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 63ms
13ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=3c07095eed3344c9b3a1f2968b3cd454

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/4138880

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://whairtoa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 55ms
14ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: whairtoa.com
URL: https://whairtoa.com/4/4138880
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://whairtoa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 22 Jul 2023 13:42:42 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://whairtoa.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
allcommonstories.com/
Redirect Chain

https://whairtoa.com/?z=4138880&syncedCookie=true&rhd=false
https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

35 KB
12 KB

102ms
63ms

Document
text/html

172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e59e92c45c3dc54bc98ee1e5351e985235cfafd477fd1b682299a4c9c8014e9e

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whairtoa.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7eac1bc4cee6904f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 13:42:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR3gpAkJ3rHYr4yCgNPPm%2FLflcyJXcQsHr%2F%2BGUXwlGh%2FmrT4lnivrLVhsnQxRQNrxgWlUMi3Xp0%2B9cj%2B0XeDXUqgRCpEByqLKFFZcrJ6%2BfrO4KV7PCpPTORP80wuIbHN4XzlhxgBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whairtoa.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sat, 22 Jul 2023 13:42:42 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://allcommonstories.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://mtwdmk9ic.com>; rel="preconnect dns-prefetch"
location: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 5db885ab34d9c259f18f74803a623be3

GET
H2 200 micro.tag.min.js Show response
allcommonstories.com/pfe/current/ 41 KB
14 KB 29ms
29ms Script
application/javascript 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6566c193a0f52c4341498a1c39613f0c040df3100d1ddb68ff95b45f7d0616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 13:42:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 11 Jul 2023 14:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ad6687-a507"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3JPbWnsy9ts5RbntUwu6ZAZ7Eef2KIXcRYAkAMaMwnJkYiSMYfytYPssWoC4jCoabXOGyEpT8W33OXFg2%2FZh%2BPFHpDP10H3tFjnfixtA9miLyMNbQ8%2BkWJafnjcibkPicjAgWUKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7eac1bc54f75904f-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
allcommonstories.com/19/4662728/ 3 KB
2 KB 28ms
27ms XHR
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/19/4662728/?abt_opts=1&var=4138880&var3=706613738723357300&ymid=&rhd=1

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2e2ab4400f3def5993a7ea661855d0ebecbbbe93242df0ad1a6d7f859a46bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 97e92184632386692250ee38c26618e8
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8uPwPR%2BwJcXTbfYUtnyW7lJGk9nORIbTH8RA0J8HWQBVuG4Jt%2FMDFaq7ABUkAmHc3X5d9%2BT96s3Vv1HMXLJ%2BoYpaWSqa%2BtuU2QBlwyUqzLpOP5bbIUcO%2FUmOmc72DK2EfDToVuMwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://mtwdmk9ic.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7eac1bc56f87904f-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
allcommonstories.com/ 2 B
421 B 31ms
30ms XHR
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drs8t7YibTTLulM6JIPhup7WxU6LzINreUPQCZC2lwthAyW%2FjXmV%2BrcdlBA2jcFDg3AXHkY1NmjB61jmBZbMnENnVjwam%2B%2FDA2sxn3X3DKKfiEJ26R%2Bec4WROVfsrkwubIhMHea%2Bzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7eac1bc56f85904f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
allcommonstories.com/sw-check-permissions/ 0
954 B 40ms
39ms Other
application/javascript 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/sw-check-permissions/4662709?var=4138880&ymid=706613738723357300&uhd=1
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDc08rY25GA42YEb8JxPnfxMZkSADnCe%2FjR1fEUMD7wA6OWW3deB5b5D8uDrCQqdU5CC14OdPTxb404K7Qo6t0QJPMBhJgq0FqepkaaXl0I9MvxHmce5MAtwPj8hFL%2FeCTYqtDRZxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7eac1bc58b290374-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
allcommonstories.com/ 0
525 B 31ms
31ms Ping
text/plain 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=allcommonstories.com&var=4138880&ymid=706613738723357300&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-trace-id: 88390ab636eebe941d8cca79c1e0f81c
date: Sat, 22 Jul 2023 13:42:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEipOPypcjiAIsoEBFLRWWjIfKenuhMsZeW1rNuyz86dU3z%2B1iiELS%2FEKpjVwwG9m1K0zk6ojyTyb0Co9yLWYj1f8OmNEjLqkrbe3FX7ZkMsjtiaoS3aKn0mN4A6ueNiym9FndabiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://allcommonstories.com
access-control-allow-credentials: true
cf-ray: 7eac1bc58b2b0374-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd
allcommonstories.com/ 2 KB
3 KB 37ms
36ms Fetch
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/rhd?rb=yQGN_0R241cr9tE9CRhA97gWE3m-TTpzVfPh19QkaZWU5OBS8a0ogGMovWCaCB8SRP6iKQmZjHx66t-AZ8FrptgvSSR3w57Wf1Qy-GQRiiso5pDanSBOeRsyFghriMuqKKd6FpKHvDKLDegMNB34ragqKhAPqS4Aovm6v-GJw0w6Xzk0TnIXWwP8ndUxULvznQrXw2rJ_b2415Fl3dOLuFPXOyFiGeQ6PGwXXHCKTBLAK5fH-6jcO4crrSdAblz1-NCMypwabndVUcT8R1os45v52gMgaG14AJmuhIMIql0ekOUacOWdb-26dcvGLeRYcBMcQ6oSNIOH0WtlwCYX5_DsPdmU-xor0-r8XeBP005shbhCecMDS50N-sRVXMW8AykPSKsyKtuplFgYp0AVglu8EOXcG6maQQKMHGv6QQE9rxaRxsL3z1Zk1_bwjeRImJYt5XWN864ZvP7U7f5IPEUZDD9Yqgroj_Njurp0_kmgMCUF&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fallcommonstories.com%2F%3Fs%3D706613738723357300%26ssk%3D395dc9c598bb5fbb4e3153a2babb8874%26svar%3D1690033362%26z%3D4138880%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=4138880&var3=706613738723357300&ymid=&rhd=1&m=link

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 8100aa8a90439681776128eebfdde261
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FCfdK12jKfkm1eIRyWVONc4s4t9AumCMAE%2Fz43c%2BtnjiNbZw4dmF2BurC3%2B3EpjYz9WJpheL80B8XjqkKTbIjKP2we8n%2FIbvEunJnThpdz2eRXYhyhFjnuxP73gMyP5WBJapdYwhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7eac1bc5ab450374-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 gid.js
my.rtmark.net/ 65 B
547 B 16ms
15ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=706613738723357300&var=4138880

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://allcommonstories.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET zone
allcommonstories.com/ 0
0

GET
H3 200 / Show response
allcommonstories.com/ 35 KB
12 KB 81ms
80ms Document
text/html 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: ad692363c8101efd6a3817ec230ece5fda2ed76aa60b822005c30dd4fb2bc39d

Request headers

Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7eac1bc5db7f0374-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 13:42:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeZEJsemBvxeP2O4UHQV4cQqyfsMKt8mZ0AUEtE45drm7HfiWQpIZ3qd%2BuQvUsUroaJf%2BUexcPvafoVMSSeRcQVo048gla0EywCiwiHt8hisM82DaSh7eI3BEdhp7MnPj7U9v3cf6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.24

OPTIONS event
amunfezanttor.com/ 0
0

POST event
amunfezanttor.com/ 0
0

GET
H3 200 micro.tag.min.js Show response
allcommonstories.com/pfe/current/ 41 KB
14 KB 37ms
37ms Script
application/javascript 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6566c193a0f52c4341498a1c39613f0c040df3100d1ddb68ff95b45f7d0616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 13:42:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 11 Jul 2023 14:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ad6687-a507"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYeJAXL6D63JRqU0rMTwYnwVFAspEtZ7TVHvRYpRJkyESZokmHlQ8Qtf%2BZmfWlYvwARyW33TANmaKAZQRpHW7qJNccGqiuxENn7%2B4fOTIIxkF%2F3oOrxb5PFX8ZbgIdr3is5k5A%2BEww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7eac1bc67c150374-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
allcommonstories.com/19/4662728/ 3 KB
3 KB 26ms
25ms XHR
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/19/4662728/?abt_opts=1&var=4138880&var3=706613738723357300&ymid=&rhd=1

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a8f586902e9e962c4fe8d7d90bdeb63e31b0ca1188e11e1d80d99c2fa9adda

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 09959a8b61d3400282a44a859b1b276c
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mPas0YBXg2TvohQeJ4RjfEuqEQl%2FgB%2FIqC4r6%2BAnc2%2BWZGaOYMhuPvuesMaSMn296vydZG8q6V%2FmxefDxH2SVtrjJLNzZoLUUBtKPdV2YQeWgKaPVF7dwAvycnm1geBAUDH6nSxsA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://mtwdmk9ic.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7eac1bc67c1e0374-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
allcommonstories.com/ 2 B
537 B 36ms
35ms XHR
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyTI6it1Eg2LvSFN0kKuDyWgRV%2FCrZvA80UGVD41%2FvSxvhYStlWfBAVLoWdOmuKPgOSoJAepvWGMtpYA2D216FmXD2%2F%2BghUEp%2BpZGKMfjsK2PuQFjCQaRiDKJRTBpTlyoX1csbucCA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7eac1bc67c1f0374-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
allcommonstories.com/ 2 KB
3 KB 36ms
36ms Fetch
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/rhd?rb=R2kJij87akZWWfrViSD2lGoqbIN64zF6dLDHFxLEv0oTsO0uuJB7H5YB2CNf-d1sUY1tWxB2YLrzNS0GLTnxvNwDXuThP7izkrTEBjBWbgY_Xd1O6OmZHL-J5BNUmhXQXNjum1pRO0IgAkkEbzOoDMCn2oPDCz-IEEdpSaaDlB3QM5r3xNxIzEiCcG361icI8pbmrvpOWFMJfauAmppWWqSaibsKW8Ts2Uu9UJk1_a7TTxwx6gYXUKf3CmV67wJPfWWH4LeLeSpbUBRgCP7iATxzI4NohTMWQSby1lO6UCZI5xRr1KI7Ysc6UYnQPxIyOBIXXAzSKSoG4Yc_w1pf8XXF2vt0xj2Aqx4c7Lk9Cs2lOpd8qVdQA77bbgqBV6QFOxcgU0tw2bB50eV2hNq4o4ppgdP5VtG3ho7L49Z_jt4N31odFZHA2rfmBNqL0a7JyYj3fBXiD3KS6ElxC9E8tlbC6kVvvAFle0YcwyqGMasxpy-QEYjLvw%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fallcommonstories.com%2F%3Fs%3D706613738723357300%26ssk%3D395dc9c598bb5fbb4e3153a2babb8874%26svar%3D1690033362%26z%3D4138880%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fallcommonstories.com%2F%3Fs%3D706613738723357300%26ssk%3D395dc9c598bb5fbb4e3153a2babb8874%26svar%3D1690033362%26z%3D4138880%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=4138880&var3=706613738723357300&ymid=&rhd=1&m=link

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dedf80cf25adbba1b18077316397c83fc28d8c50b9779ba4ca2131213421b494

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: f99e9804195af807049f079d3725c939
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqjE8rkSEA8BGToZNii%2F9NhJsDgcyhl%2BIRF9sYErbi01sb%2B0FQsiymY9tk24zu4%2BdcTMlTuFJNf4egohkYyoiFA5lY0hftTtRKES8jSWEhybUMnMyWHG7MmohN0NvO0vQIWyPmJT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7eac1bc6ac440374-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
allcommonstories.com/sw-check-permissions/ 0
961 B 36ms
36ms Other
application/javascript 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allcommonstories.com/sw-check-permissions/4662709?var=4138880&ymid=706613738723357300&uhd=1
Requested by: Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmkLIMSswr37JoIzf%2Ff8WkmNCfF%2BntxPq%2B2%2BmX2sMyBlCxV06WHdlHjXPZ8ImXJcrNjl7RGVCSGYZcC6DSCgb1%2BV5%2BIV7d7MSWS0ttN970QCNrFZsgAb0PIVTD8xhcQKJP5NmZSanA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7eac1bc6bc5a0374-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
allcommonstories.com/ 0
494 B 30ms
29ms Ping
text/plain 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=allcommonstories.com&var=4138880&ymid=706613738723357300&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-trace-id: 7a8fd1f72bcf4fdc283f60f88aa18162
date: Sat, 22 Jul 2023 13:42:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XocZDuAKUwkYR93F7gtFRDzIP89iZ5oPJUIt8BD84dPY8iLI19f%2BtUtIrT3L7JW1KkxYslqugKdKTU03X94niNByguOewBCutpamU2aQ6el1%2B8jfU5N%2BG%2Fd8mdVe9k%2FmjGE7ke5p6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://allcommonstories.com
access-control-allow-credentials: true
cf-ray: 7eac1bc6bc5c0374-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 15ms
14ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=706613738723357300&var=4138880

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

493d34559b30af03437c2ee465c4daa42ac35377825d1928cac25614a871c407

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://allcommonstories.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
allcommonstories.com/ 904 B
1 KB 26ms
25ms Fetch
application/json 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=allcommonstories.com&var=4138880&ymid=706613738723357300&var_3=&var_4=&dsig=&action=settings

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/pfe/current/micro.tag.min.js?z=4662709&ymid=706613738723357300&var=4138880&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8232dce384efda4f42ab2a7a1c38d520dc4d074915826157c000ab13b00dcd2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 232312692ed5ff51a53750d5848eaa61
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrYQy8OF1MnOI8KcQu6Tp5ZsDlNPlzNpT%2FPdXcN7zdvX%2FpNN0Q%2BjiQowQk82voZaw8VWGuRZMYfrOrQEbBzfYAwkOzHNvPqDT8n%2BMV%2BxDQPcR288301krsXmnm2ShjdvBZGady2SFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7eac1bc6cc710374-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Primary Request / Show response
gg-bet.de/ 113 KB
26 KB 437ms
398ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gg-bet.de/

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee78e0cac55d1aff2749772f173f97004612f2d0f560726489cb8801f92ddb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7eac1bca4dfc9a11-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 13:42:43 GMT
link: <https://gg-bet.de/wp-json/>; rel="https://api.w.org/" <https://gg-bet.de/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTVr1Vcu5tuOo4ZYxW44K7KrQ9IiXUIneWHLM2vyQBurZ88klSx38LXkqPskjqbr%2F33BizUI56XtksVgQi%2Bv9c55HjG9ZD8yqLl3pIucArzZ58EzkvHO2mM8Y5XIOYx1OD1V2l2MNqc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-frame-options: SAMEORIGIN SAMEORIGIN

POST
H3 200 cat.php
allcommonstories.com/ 0
771 B 24ms
23ms Ping
text/plain 172.64.99.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allcommonstories.com/cat.php?userId=d91d9ba5e4d22ad22ef219a778e2177e&zoneid=4662728&rb=R2kJij87akZWWfrViSD2lGoqbIN64zF6dLDHFxLEv0oTsO0uuJB7H5YB2CNf-d1sUY1tWxB2YLrzNS0GLTnxvNwDXuThP7izkrTEBjBWbgY_Xd1O6OmZHL-J5BNUmhXQXNjum1pRO0IgAkkEbzOoDMCn2oPDCz-IEEdpSaaDlB3QM5r3xNxIzEiCcG361icI8pbmrvpOWFMJfauAmppWWqSaibsKW8Ts2Uu9UJk1_a7TTxwx6gYXUKf3CmV67wJPfWWH4LeLeSpbUBRgCP7iATxzI4NohTMWQSby1lO6UCZI5xRr1KI7Ysc6UYnQPxIyOBIXXAzSKSoG4Yc_w1pf8XXF2vt0xj2Aqx4c7Lk9Cs2lOpd8qVdQA77bbgqBV6QFOxcgU0tw2bB50eV2hNq4o4ppgdP5VtG3ho7L49Z_jt4N31odFZHA2rfmBNqL0a7JyYj3fBXiD3KS6ElxC9E8tlbC6kVvvAFle0YcwyqGMasxpy-QEYjLvw==&var=4138880&var3=706613738723357300&ymid=&rhd=1

Requested by

Host: allcommonstories.com
URL: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.99.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://allcommonstories.com/?s=706613738723357300&ssk=395dc9c598bb5fbb4e3153a2babb8874&svar=1690033362&z=4138880&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Jul 2023 13:42:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: c93eacd1eac6348491408cedcad3cf01
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tX1NaQ8L6w7%2BOXQ%2F5O04w6BlxWabI6A%2F1iEBUtcp2DQ%2FAwuOgLzKSiorE412VemxVFE4CZ%2F2Sx30imASUCr68GQc9DLtffCURjR%2BKU7dlGCkCKuu%2BAZ1Ouh1kRSqqEq4n7%2FHhe49IA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://allcommonstories.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7eac1bca086a0374-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 classic-themes.min.css
gg-bet.de/wp-includes/css/ 291 B
554 B 14ms
13ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gg-bet.de/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 07:32:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 869270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuQAAK0mH0ia8YHTWLrUc8Jy6RRvaJw3AdKiT6oafQwT08Fpz7i4aokQylVDVsBDhkg2tE1IENYTpYVxTYrmWei41PO%2FfEV6dghkM2Htgr6oJ8SnUI2M55frk6KA1R%2BSX97%2FFlyZn8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7eac1bcd79b69a11-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ggbet_logo-1.png
gg-bet.de/wp-content/uploads/sites/32745/ 696 B
1014 B 15ms
14ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/ggbet_logo-1.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b649034dd7d7ab6c50bc981113cd586ed88a599a8d37eaa4602b40f217729c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869270
alt-svc: h3=":443"; ma=86400
content-length: 696
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJHuc8T6WVDLSUbBkEwTZBkVmA7v47Myalz18rCtpx2xdMQvFXMVsv4OBkm%2BgmyWs30ZZ5DB9IzznCyUbobAixiaOYnykS87eTfqC%2Bl41MecviQYdu%2FytkRUWJ6vEx50tnzfHxHAVh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd79b89a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 promocode2.png
gg-bet.de/wp-content/uploads/sites/32745/ 290 B
588 B 19ms
16ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/promocode2.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13fe1f63c5a01ab23ee21e8fd40de17f5643c81697943af83d04b06200240e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869270
alt-svc: h3=":443"; ma=86400
content-length: 290
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqA76SrxFiNJDxBzRNotdJxxhftnuZB07p4dK%2BffwbXSZE2S6BtaZePv8WGmbLGhvhGRqO4T6qJmUZblyp%2Fy5IFFxzSMuzoyl4vDXmVpeNzfaEFj%2FSuP7OqE%2B%2BxSLrP8A6EgpLAJctI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd89cd9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 download1.png
gg-bet.de/wp-content/uploads/sites/32745/ 248 B
618 B 19ms
16ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/download1.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75468c11147ffc90d2dbe2b7b04f3d3783e135a41af177e336eadbce580ec3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 248
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6y2kput80lRHw8WSCCquJ9kHdgxfgnkbkgYgKZWd5LBGAj%2BtsDwr0qrsO8vjgUj5jpAcLmLQCWpa399p7pkp1uy9ZUuWK7NbwwoYNH43kApbFBEYkbbgMCZ7Vwp214LOc%2Brv8sFr9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd89ce9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bets1.png
gg-bet.de/wp-content/uploads/sites/32745/ 587 B
915 B 27ms
24ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/bets1.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43014441a7cffcdf142097fe136e1164b0f8fa687ceb6e648e6ef0bd7b6b37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 587
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SySPCbJZ%2F7O7u08mjJo%2Bu87FVEZyTWO6kfnvkeB%2FAp%2B8CkY%2Ft4YLOKnfMcyRv9vUgb7DjoMBAJLP5Wl%2BB3R1fAEmkxXOSzuBdxuHiBiFPtXppO1rge7wngV7FCue%2FNJYuIMiz%2FTmu%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd89d09a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 support1.png
gg-bet.de/wp-content/uploads/sites/32745/ 382 B
673 B 28ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/support1.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5af2a229b96ec249729f7be81874e398086c3bd9964dea8672e536c4861f36d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 382
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkW%2FYZoRG03H2Wb1nHOYb%2B7B%2BHYWtPQeFrtj%2BDOp%2B1O3%2Fa4Nz9M5PSSf60DSI%2FSYB9iyL%2BOx9RiPWwuqA5GPPZp7IbUp4Vpl%2FweMpPwnLzgyBug2D16M263JvbgW5mGxaOm0Yz1mLtY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd89d19a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 doghouse-home.png
gg-bet.de/wp-content/uploads/sites/32745/ 156 KB
157 KB 19ms
16ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/doghouse-home.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995ff2046c131c966ed9c46c88bd69d95805e6f02e3093993721efbf1e9f8417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 708530
alt-svc: h3=":443"; ma=86400
content-length: 160131
last-modified: Fri, 14 Jul 2023 08:53:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwHOxwGqaRLfHUBKt7a0fMnDrBi0NVcjlkyTQswNV3ZLIowMCeBvGC7mu2NzOqZdsQabgfT4a2xFKr2RsNqQPxlrIoSbuoZpaRy0EIkA2xlbmq44UKK6blvFD7OMYrI2Yy1IZn1Fwg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd89d29a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ggbet_logo.png
gg-bet.de/wp-content/uploads/sites/32745/ 696 B
989 B 27ms
24ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/ggbet_logo.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b649034dd7d7ab6c50bc981113cd586ed88a599a8d37eaa4602b40f217729c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869270
alt-svc: h3=":443"; ma=86400
content-length: 696
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZXTjYOk31BCHKEcUmt%2FwZGb969TaaAzVPxvVEbH%2FAnMPB5ww5Dp5bjCFPC%2FLyMypfgA%2FPLErPerCcDar%2BCNE9Ytg2D2aEeGWbH1Az8BCWTAiWIE7TQ4NTTshoSC%2Bajktd48aE9wuEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd89d39a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plus.png
gg-bet.de/wp-content/themes/32745/assets/img/ 787 B
1 KB 29ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/img/plus.png?v=1
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b3897a39f41eab495c8d54eb3e42dd7f25cf1df38ef71eac83877fe4606e929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 787
last-modified: Wed, 12 Jul 2023 07:33:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAGIO4IHyB%2Fw70osWnfcCD%2BH1ahl9jUPOv9hv1BFnVt3mLPU1zkYz7cKQtN%2B6HMjjFqfG7NeH8teqTx6Rhm%2F%2BPflS9KhuUdY9QOAl7amK77zPbwUfDVipvApFrjI1TBW%2FbpdpENhPWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99db9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 minus.png
gg-bet.de/wp-content/themes/32745/assets/img/ 684 B
969 B 30ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/img/minus.png?v=1
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96862aa48bda59855f3d7343f33cea06b48f0fcf346e5e9db1bacd352d32e7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 684
last-modified: Wed, 12 Jul 2023 07:32:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En9hEZ6Efr7oBfJ95X%2BNRmleC9A4Qpbnra1QWQj8XXaq1CdBVKafhTX%2FMPRpyjBX1WUUOZ585RWdgJgfsQKom0cBfinIIbQ%2FDadQNO9CQCfI0j5uJUsi4bZuLd2jiMB%2BD9z%2Ff9LL2gs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99dd9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 message-circle.png
gg-bet.de/wp-content/uploads/sites/32745/ 281 B
601 B 29ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/message-circle.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a3960a96096a3c8bca3f5676739077e361a0460bcdcfa8259e403ade995ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 281
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTF1Upsy2RHukBbYq%2FetiUg%2BJe30KTA4m%2FROQyur5mow74ScBUm5oXOuFlRpeHzTUJxDrbOadVc7SMD7ZfPXa9b94oCLOBLw1jHe5u4QXz%2BrXteolkkhIlo%2FcZZtEDY7BSAX7h38SZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99df9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mail.png
gg-bet.de/wp-content/uploads/sites/32745/ 239 B
534 B 28ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/mail.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3034b7f59246ab85317fe4aa9d948d97ff9d9d697621e0205fe840ec45b730d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 239
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRaGAtQAOPP5gqaT2tJumKxERlurPYYP8QM948vlLpHye5EWOtr4F3YbFMKS6BT4DejXfTJ2gA34Tu1Fj40QRRloglYM1nwDURxma9Wafj%2FiTc%2B4%2FOiiB1IRf50%2F2DLWjqqxa%2BeIYss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99e19a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phone-call.png
gg-bet.de/wp-content/uploads/sites/32745/ 296 B
578 B 27ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/uploads/sites/32745/phone-call.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894f95f621c0262d3651d4ded290e04d3607a43f698ffaba2d9df1db52ee70b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 296
last-modified: Thu, 10 Jun 2021 12:17:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpANHLge8XH3gsTIR3bBJkAq5F%2FfoX2X8mFeaxIVcgDPCkdt295pKXs0YK%2BaCyc7GoKG2CksAZCvKMgIrK002H04WyMalji4gIsnuJhqAHQrGBvewUGVYUECQoZ4jrMMiEP9%2BFo%2FG88%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99e29a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pay.png
gg-bet.de/wp-content/themes/32745/assets/img/ 8 KB
8 KB 27ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/img/pay.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea3c19cf0d25f73a1f1641d808c63ee90ad90c0195642acaae657144ed05010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 7880
last-modified: Wed, 12 Jul 2023 07:32:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUjkFYowp413fQDtP9WLf7r6m03c9usZVV1oktpXus1jnU%2FOq22mYEqlBoKruA%2BFfTSkurvepAjjVXpxuJYrutfO23T%2BuHSdV7onM44%2BqBZ5vyw1sPbtl4fs2iPfSkeaD1%2BgwB3EpVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99e39a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 award.png
gg-bet.de/wp-content/themes/32745/assets/img/ 11 KB
11 KB 28ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/img/award.png
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 327033fb83da61bd96bd492798e6416ffb78669c95d63827cf4d2882423ef839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869269
alt-svc: h3=":443"; ma=86400
content-length: 11072
last-modified: Wed, 12 Jul 2023 07:33:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nmc0oetq9Hmz0mfELOWKXUFrJ9WL4KUiQDkjiCa3LJ7XnllnE3dUOlq5pm8an0PKcz1JF%2F2oWN44hjzzODJN54FSQdPF0gluUR5dzDysGWSJ6qesSsSilWjiu56wGbmAg%2BOaRndbQcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99e49a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-decode.min.js Show response
gg-bet.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 13ms
9ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gg-bet.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gg-bet.de
URL: https://gg-bet.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 17:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b6cdef-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkhuvGaPOGdFRjkNGbFonCJ7v6ojX8EHLQ9UpKgRiqMoLd6ycVO55rmC7UsS2W%2Bf9bNuk0pU6K6hBSbMjbCCsb%2FqQvR0uSEljbsARWHOLmXaq5ywjAhdwy9ZjDcOUAF2Elq2jbFu0UY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7eac1bcd89c89a11-FRA
expires: Mon, 24 Jul 2023 13:42:44 GMT

GET
H2 200 main.js Show response
gg-bet.de/wp-content/plugins/custom-redirect-manager/front/assets/js/ 3 KB
1 KB 19ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gg-bet.de/wp-content/plugins/custom-redirect-manager/front/assets/js/main.js?ver=3.9.2
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319c898e8248fd610b8d4cae1419b2ad5b519319609795743cfc41c72a7c7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 07:33:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 869270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6SCfR5IM2uzg2U2s8Hg1usydshW6gcOGt6eMyTA6YxN9bXqm%2Bv67oW1dRL3Gjs%2FCfF%2BWifyKrUvnOwjOIGvJDZvzCL2VFP%2FINJu%2Bi83o3QHL1ioEzo%2F5q%2BUYrlufOHTicCV%2FFEtG6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7eac1bcd89c99a11-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postviews-cache.js Show response
gg-bet.de/wp-content/plugins/wp-postviews/ 503 B
605 B 19ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gg-bet.de/wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa0724408e9c325155ea2608c616fcf723252eac5df95aab4bb99297bcb1ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 07:33:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 869270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WauRMhFIVZJechTlOY%2FO%2Fqb7Ft5Ri5SP9XNE5mZjewGP5LKLpwPEUjjH5CPanewWL3YL5zEW1N5etP46007gNSqKZA58mwBtdrhItjUKL2siE7FvRbRNnMliOOk1n3tT2BQNKwREl0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7eac1bcd89ca9a11-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
gg-bet.de/wp-content/themes/32745/assets/dist/ 257 KB
90 KB 31ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/dist/app.js?ver=1.0
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d39980465fb5e78e8f5efa611ba195107398c24e4f0acbe1b94be6557a6b5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 07:21:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 869270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsq3Jmy6Que3f1YTF5mRjdywNDfFPzsgS0LrTnYfwYJhz3MWdgLBEW9N9M13416h1JqM4gD16caVugCamWapH0YizKRSMdjcaPPUZwaP3PxhHlOhklOTQ5puUFWRq%2BnCWqb88zXO0MM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7eac1bcd89cb9a11-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
51 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W6FJQGV

Requested by

Host: gg-bet.de
URL: https://gg-bet.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce2f46d45027de9135cae26c0777f87b57a46238227915246aaf86d7f675dd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51916
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jul 2023 13:42:44 GMT

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa95abc871f231da179d66a3c7010249ead5604bc2596e8f167597774a3344f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 faq2.svg
gg-bet.de/wp-content/themes/32745/assets/img/ 144 B
420 B 20ms
18ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/img/faq2.svg
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8b7422dce4c1db26f541501cf18261a285185e89d18b503384cf1d8c4d747b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 07:33:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 869269
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygzFcU3%2BZGCzv%2F0bQ8dT4VC1Oofu3dWl97AvPldFvF78hi6ECDd1NZIHQsszfwNBDhAeibmWETd9JxaWIJb0twCpnDvV2RYcCIYqIoDrxajAb3T7ETyrvl73uFfQOYi%2F%2BCj%2FQkGpQbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7eac1bcd99e99a11-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IdealistSans-Regular.woff
gg-bet.de/wp-content/themes/32745/assets/fonts/IdealistSans/ 50 KB
51 KB 28ms
27ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/fonts/IdealistSans/IdealistSans-Regular.woff
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f11dbdee1c27ee5fb8cfbc7be30ecbc035f9ca10c216888866592e66e1966c

Request headers

Referer: https://gg-bet.de/
Origin: https://gg-bet.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869127
alt-svc: h3=":443"; ma=86400
content-length: 51604
last-modified: Wed, 12 Jul 2023 07:33:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz6IhYNiti3Z3hmIZx2xaoAXOmAPjEuQYIbSobCtt%2Fg%2FEV7jhuqyWuP9N2MDVAPf46Qjcz2kPca6KjLul5lsiIAjxZsR18KTKP829fHSdApMckFuCe5lWJtYABoGf%2FuMIae2XNGe8nQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99eb9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IdealistSans-Light.woff
gg-bet.de/wp-content/themes/32745/assets/fonts/IdealistSans/ 50 KB
51 KB 26ms
25ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gg-bet.de/wp-content/themes/32745/assets/fonts/IdealistSans/IdealistSans-Light.woff
Requested by: Host: gg-bet.de
URL: https://gg-bet.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9fee798c409068b8e5f054b707d6068d3c95b0544ae58c9671b0a7c893b62f9

Request headers

Referer: https://gg-bet.de/
Origin: https://gg-bet.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869127
alt-svc: h3=":443"; ma=86400
content-length: 51660
last-modified: Wed, 12 Jul 2023 07:33:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIgXMYkHNxPaFSUbhxPoatWkshVuomVu9e29IG1YcbWlYgCDiTB9NfGal85ouIh%2FLrL0pFL2703N%2FMOtRAoJsL0UIXLpxfHybTigsulXqfoPVEAS1YrcNwi850yY78hgUukxxICXdkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7eac1bcd99ec9a11-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 / Show response
gg-bet.de/ajax/ 41 B
622 B 343ms
343ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gg-bet.de/ajax/

Requested by

Host: gg-bet.de
URL: https://gg-bet.de/wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b274f6a60da2eee7fc1dd9b43b15eed0d9fb84f45b872bba55d053da6d17a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Cache-Control: no-cache
Referer: https://gg-bet.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBpDNbU9Sw7s6%2B%2ByZf7qkVm5zzMLNyfyWtxXZ36HOASVCCjefucesRlsvBuDuLP%2FcG3pWbCxXCV7RDH8iAC7fWzZbX4i6NEDxMyv3DbFAw4Ph4ut%2B8SnM5f%2BGia%2B7R621ejCtFFkfB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gg-bet.de
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7eac1bcdfb1839ca-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N4JWT2E95H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6FJQGV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7fdc8019758fd3060aa5b5ff3dcdf4f49789fbbce3efa50d99aa7f7256057b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jul 2023 13:42:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6FJQGV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 12:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4045
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 22 Jul 2023 14:35:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
204 B 15ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=305135508&t=pageview&_s=1&dl=https%3A%2F%2Fgg-bet.de%2F&ul=en-us&de=UTF-8&dt=GGBET%20Casino%20%C3%96sterreich%20-%20offizielle%20Seite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1177964285&gjid=58248623&cid=2089656983.1690033364&tid=UA-201164865-1&_gid=615668900.1690033364&_r=1&_slc=1&gtm=45He37j0n81W6FJQGV&z=335834130

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gg-bet.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 13:42:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gg-bet.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 42ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N4JWT2E95H&gtm=45je37j0&_p=305135508&cid=2089656983.1690033364&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1690033364&sct=1&seg=0&dl=https%3A%2F%2Fgg-bet.de%2F&dt=GGBET%20Casino%20%C3%96sterreich%20-%20offizielle%20Seite&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4JWT2E95H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gg-bet.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 13:42:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gg-bet.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: allcommonstories.com
URL: https://allcommonstories.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=allcommonstories.com&var=4138880&ymid=706613738723357300&var_3=&var_4=&dsig=&action=settings

Domain: amunfezanttor.com
URL: https://amunfezanttor.com/event

Domain: amunfezanttor.com
URL: https://amunfezanttor.com/event

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freecryptoevent.com/	1970-01-20 22:12:49	Name: hnsgfndrdt Value: Q2FsbCUyMENlbnRlciUyMEpvYiUyMEludGVydmlldyUyMFF1ZXN0aW9ucyUyMEFuZCUyMEFuc3dlcnMlMjBQaGlsaXBwaW5lcyUyMFRpbWU=
whairtoa.com/	1970-01-20 22:12:49	Name: OAID Value: 3c07095eed3344c9b3a1f2968b3cd454
whairtoa.com/	1970-01-20 22:12:49	Name: oaidts Value: 1690033362
my.rtmark.net/	1970-01-20 22:12:49	Name: ID Value: 3c07095eed3344c9b3a1f2968b3cd454
whairtoa.com/	1970-01-20 13:37:18	Name: syncedCookie Value: true
allcommonstories.com/	1970-01-20 22:12:49	Name: OAID Value: d91d9ba5e4d22ad22ef219a778e2177e
allcommonstories.com/	1970-01-20 22:12:49	Name: oaidts Value: 1690033362
allcommonstories.com/	1970-01-20 13:27:13	Name: prefetchAd_4662728 Value: true
allcommonstories.com/	1970-01-20 13:27:16	Name: reverse Value: qZrDc-gsu9_bINsnGqs2PsiigkBRRbBF53zn2n1b8cA
.gg-bet.de/	1970-01-20 13:28:39	Name: _gid Value: GA1.2.615668900.1690033364
.gg-bet.de/	1970-01-20 13:27:13	Name: _gat_UA-201164865-1 Value: 1
.gg-bet.de/	1970-01-20 23:03:13	Name: _ga_N4JWT2E95H Value: GS1.1.1690033364.1.0.1690033364.0.0.0
.gg-bet.de/	1970-01-20 23:03:13	Name: _ga Value: GA1.1.2089656983.1690033364

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://freecryptoevent.com/react.min.js?_9219279072640899 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allcommonstories.com
amunfezanttor.com
datatechone.com
fonts.googleapis.com
fonts.gstatic.com
freecryptoevent.com
gg-bet.de
my.rtmark.net
region1.google-analytics.com
whairtoa.com
www.google-analytics.com
www.googletagmanager.com
allcommonstories.com
amunfezanttor.com
139.45.195.253
139.45.195.8
139.45.197.238
172.64.99.3
2001:4860:4802:34::36
2606:4700:3032::ac43:9062
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2008
2a06:98c1:3120::3
0139c05c272d63ff6aa4cecaacb15556014ce006ab6fc9559f273f515548b951
13fe1f63c5a01ab23ee21e8fd40de17f5643c81697943af83d04b06200240e92
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ea3c19cf0d25f73a1f1641d808c63ee90ad90c0195642acaae657144ed05010
3034b7f59246ab85317fe4aa9d948d97ff9d9d697621e0205fe840ec45b730d1
319c898e8248fd610b8d4cae1419b2ad5b519319609795743cfc41c72a7c7ca6
327033fb83da61bd96bd492798e6416ffb78669c95d63827cf4d2882423ef839
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
493d34559b30af03437c2ee465c4daa42ac35377825d1928cac25614a871c407
4d2e2ab4400f3def5993a7ea661855d0ebecbbbe93242df0ad1a6d7f859a46bc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
626015de3c15c36e935ebb48c494f337a172c4d00f35836b3bf97a27108f8e26
6d39980465fb5e78e8f5efa611ba195107398c24e4f0acbe1b94be6557a6b5a3
6fa0724408e9c325155ea2608c616fcf723252eac5df95aab4bb99297bcb1ecc
80002d5f47c9055e539477080a0d0786dc360cf050cebb3c9c4dca7ca6b59fab
8232dce384efda4f42ab2a7a1c38d520dc4d074915826157c000ab13b00dcd2a
894f95f621c0262d3651d4ded290e04d3607a43f698ffaba2d9df1db52ee70b4
8b3897a39f41eab495c8d54eb3e42dd7f25cf1df38ef71eac83877fe4606e929
96862aa48bda59855f3d7343f33cea06b48f0fcf346e5e9db1bacd352d32e7d0
995ff2046c131c966ed9c46c88bd69d95805e6f02e3093993721efbf1e9f8417
9b274f6a60da2eee7fc1dd9b43b15eed0d9fb84f45b872bba55d053da6d17a61
a599c0ddf3716fff37f8d34d186e218caac17862312c2ff45faa824e64c80cff
a9fee798c409068b8e5f054b707d6068d3c95b0544ae58c9671b0a7c893b62f9
aa95abc871f231da179d66a3c7010249ead5604bc2596e8f167597774a3344f2
ad692363c8101efd6a3817ec230ece5fda2ed76aa60b822005c30dd4fb2bc39d
b5af2a229b96ec249729f7be81874e398086c3bd9964dea8672e536c4861f36d
b649034dd7d7ab6c50bc981113cd586ed88a599a8d37eaa4602b40f217729c16
bee78e0cac55d1aff2749772f173f97004612f2d0f560726489cb8801f92ddb7
bf8b7422dce4c1db26f541501cf18261a285185e89d18b503384cf1d8c4d747b
c43014441a7cffcdf142097fe136e1164b0f8fa687ceb6e648e6ef0bd7b6b37a
ce2f46d45027de9135cae26c0777f87b57a46238227915246aaf86d7f675dd95
d1a8f586902e9e962c4fe8d7d90bdeb63e31b0ca1188e11e1d80d99c2fa9adda
d75468c11147ffc90d2dbe2b7b04f3d3783e135a41af177e336eadbce580ec3a
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedf80cf25adbba1b18077316397c83fc28d8c50b9779ba4ca2131213421b494
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f11dbdee1c27ee5fb8cfbc7be30ecbc035f9ca10c216888866592e66e1966c
e59e92c45c3dc54bc98ee1e5351e985235cfafd477fd1b682299a4c9c8014e9e
f5a3960a96096a3c8bca3f5676739077e361a0460bcdcfa8259e403ade995ba1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7fdc8019758fd3060aa5b5ff3dcdf4f49789fbbce3efa50d99aa7f7256057b7
fa6566c193a0f52c4341498a1c39613f0c040df3100d1ddb68ff95b45f7d0616

gg-bet.de Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

95 %HTTPS

64 %IPv6

11 Domains

12 Subdomains

12 IPs

3 Countries

698 kBTransfer

1504 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gg-bet.de Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

95 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

698 kB
Transfer

1504 kB
Size

13
Cookies

59 HTTP transactions
3 data transactions