de.betano.com Open in urlscan Pro
2606:4700::6811:5559 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Effective URL:
https://de.betano.com/?siteid=796
Submission: On May 31 via manual (May 31st 2019, 6:42:06 pm UTC) from US

Summary HTTP 96 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 24 domains to perform 96 HTTP transactions. The main IP is 2606:4700::6811:5559, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is de.betano.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on April 2nd 2019. Valid for: 6 months.

This is the only time de.betano.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:30:... 2606:4700:30::681f:5f02	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
15	2606:4700:30:... 2606:4700:30::681f:5e02	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	2a04:bc40:1dc... 2a04:bc40:1dc8::57	209813 (FASTCONTENT) (FASTCONTENT)
1 2	79.110.23.104 79.110.23.104	202023 (LLHOST //...) (LLHOST // M247)
1 2	195.201.93.115 195.201.93.115	24940 (HETZNER-AS) (HETZNER-AS)
1 3	99.198.108.195 99.198.108.195	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1 3	107.6.174.196 107.6.174.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1	205.147.93.131 205.147.93.131	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
1 1	2606:4700:20:... 2606:4700:20::6819:b011	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	54.85.224.136 54.85.224.136	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
2 2	91.92.196.190 91.92.196.190	49882 (SKRILL) (SKRILL)
2 8	2606:4700::68... 2606:4700::6811:5559	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
38	2606:4700::68... 2606:4700::6813:b110	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.218.64.116 52.218.64.116	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.31.128.128 185.31.128.128	54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.)
96	23

3 2606:4700:30::681f:5f02 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

fastdownloadonlineoem.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:30::681f:5e02 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

fastdownloadonlineoem.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:bc40:1dc8::57 (Ukraine) 2 redirects

ASN209813 (FASTCONTENT, DE)

check-prize-online1.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.110.23.104 (Romania) 1 redirects

ASN202023 (LLHOST // M247, RO)

app8203.funysmile7.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.93.115 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.115.93.201.195.clients.your-server.de

realcenter-mobileapps2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.195 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi

best.prizedeal32.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.6.174.196 (Amsterdam, Netherlands) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network

up.trkgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.147.93.131 (United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)

minently.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:b011 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.224.136 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-85-224-136.compute-1.amazonaws.com

ps.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.18 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)

xml.poprtb.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.92.196.190 (United Kingdom) 2 redirects

ASN49882 (SKRILL, GB)

wlstoiximan.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:5559 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.betano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.betano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700::6813:b110 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cov.gmlinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gmlinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.64.116 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.31.128.128 (United States)

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)

20799687p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	gmlinteractive.com cov.gmlinteractive.com static.gmlinteractive.com	2 MB
18	fastdownloadonlineoem.services fastdownloadonlineoem.services	362 KB
8	betano.com 2 redirects www.betano.com de.betano.com	67 KB
4	gstatic.com fonts.gstatic.com	44 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	facebook.net connect.facebook.net	71 KB
3	popcash.net popcash.net Failed ps.popcash.net	1 KB
3	trkgenius.com 1 redirects up.trkgenius.com	4 KB
3	prizedeal32.info 1 redirects best.prizedeal32.info	6 KB
2	google.de www.google.de	218 B
2	google.com www.google.com	240 B
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	googletagmanager.com www.googletagmanager.com	45 KB
2	eacdn.com 2 redirects wlstoiximan.adsrv.eacdn.com	1 KB
2	realcenter-mobileapps2.com 1 redirects realcenter-mobileapps2.com	940 B
2	funysmile7.agency 1 redirects app8203.funysmile7.agency	798 B
2	check-prize-online1.life 2 redirects check-prize-online1.life	581 B
1	rfihub.com 20799687p.rfihub.com 20799693p.rfihub.com Failed
1	amazonaws.com stoiximan.s3.amazonaws.com Failed s3-eu-west-1.amazonaws.com	182 KB
1	yahoo.com sp.analytics.yahoo.com	448 B
1	googleadservices.com www.googleadservices.com	9 KB
1	poprtb.pro 1 redirects xml.poprtb.pro	176 B
1	minently.com minently.com	3 KB
0	facebook.com Failed www.facebook.com Failed
96	24

	Domain	Requested by
25	cov.gmlinteractive.com	de.betano.com
18	fastdownloadonlineoem.services	fastdownloadonlineoem.services
13	static.gmlinteractive.com	de.betano.com
7	de.betano.com	1 redirects ps.popcash.net de.betano.com static.gmlinteractive.com
4	fonts.gstatic.com	de.betano.com
3	connect.facebook.net	fastdownloadonlineoem.services connect.facebook.net
3	up.trkgenius.com	1 redirects best.prizedeal32.info up.trkgenius.com
3	best.prizedeal32.info	1 redirects realcenter-mobileapps2.com best.prizedeal32.info
2	www.google.de	de.betano.com
2	www.google.com	de.betano.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.google-analytics.com	1 redirects de.betano.com
2	www.googletagmanager.com	de.betano.com
2	wlstoiximan.adsrv.eacdn.com	2 redirects
2	ps.popcash.net	1 redirects minently.com
2	realcenter-mobileapps2.com	1 redirects app8203.funysmile7.agency
2	app8203.funysmile7.agency	1 redirects fastdownloadonlineoem.services
2	check-prize-online1.life	2 redirects
1	20799687p.rfihub.com	static.gmlinteractive.com
1	stats.g.doubleclick.net	de.betano.com
1	s3-eu-west-1.amazonaws.com	de.betano.com
1	sp.analytics.yahoo.com	de.betano.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.betano.com	1 redirects
1	xml.poprtb.pro	1 redirects
1	popcash.net	minently.com
1	minently.com
0	20799693p.rfihub.com Failed	static.gmlinteractive.com
0	www.facebook.com Failed	de.betano.com connect.facebook.net
0	stoiximan.s3.amazonaws.com Failed	de.betano.com
96	30

This site contains links to these domains. Also see Links.

Domain
web.whatsapp.com
blog-betano.de
affiliates.betano.com
www.gamblingtherapy.org
dswv.de
www.authorisation.mga.org.mt
www.playtech.com
www.eu-ssa.org
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
best.prizedeal32.info Let's Encrypt Authority X3	`2019-04-14` - `2019-07-13`	3 months	crt.sh
up.trkgenius.com Let's Encrypt Authority X3	`2019-05-22` - `2019-08-20`	3 months	crt.sh
minently.com Let's Encrypt Authority X3	`2019-04-16` - `2019-07-15`	3 months	crt.sh
ssl713727.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-04-02` - `2019-10-09`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
ssl945358.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-11-26` - `2019-09-18`	10 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-09` - `2019-11-05`	6 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.rfihub.com DigiCert SHA2 Secure Server CA	`2016-07-20` - `2019-09-03`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://de.betano.com/?siteid=796
Frame ID: 87C29D772FDB4A58002E08FBDDDA6469
Requests: 93 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8C24554690BC5D1F2894AF2AF5FF1E7E
Requests: 1 HTTP requests in this frame

Frame: https://20799687p.rfihub.com/ca.html?rb=35459&ca=20799687&_o=35459&_t=20799687
Frame ID: F4E2D8040DDDFFEB8302F992C7CC081D
Requests: 1 HTTP requests in this frame

Frame: https://20799693p.rfihub.com/ca.html?rb=35459&ca=20799693&_o=35459&_t=20799693
Frame ID: 3D77C53A447F85649C68C2005DD7423D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans Page URL
http://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1 HTTP 301
https://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1 HTTP 302
http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1 Page URL
http://app8203.funysmile7.agency/web/ HTTP 302
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkA... HTTP 302
http://realcenter-mobileapps2.com/away.php Page URL
https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream... Page URL
https://best.prizedeal32.info/?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://best.prizedeal32.info/proc.php?6e8c9b67a4f53e2930c8909fa4720f53a38e1e48 HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=669726322761033... Page URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333... Page URL
https://up.trkgenius.com/out.php?v=5594023035b064c9f5048f6c44fa9b84 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
http://popcash.net/world/go/216668/462082 HTTP 301
http://ps.popcash.net/go/216668/462082 Page URL
http://ps.popcash.net/ad/ad?p=216668&w=462082&t=1f5b32c764daf6eb&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5... HTTP 303
http://xml.poprtb.pro/click?i=3yoTo7AkMew_0 HTTP 302
https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_796b_223c_&affid=434&siteid=796&adid=223&c=133482 HTTP 302
https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_796b_223c_&affid=434&siteid=796&adid=223&c=133482&AutoR=1 HTTP 302
https://www.betano.com/?btag=a_796b_223c_133482&siteid=796 HTTP 302
https://de.betano.com/?btag=a_796b_223c_133482&siteid=796 HTTP 302
https://de.betano.com/?siteid=796 Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

96
Requests

73 %
HTTPS

54 %
IPv6

24
Domains

30
Subdomains

23
IPs

8
Countries

2783 kB
Transfer

4931 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://web.whatsapp.com/send?phone=4915164470991
Title: WHATSAPP

Search URL Search Domain Scan URL

URL: https://blog-betano.de/?utm_source=Betano-de&utm_medium=Sidebar-Banner&utm_campaign=180820-BTN-DE-Blog-Betano-Sidebar
Title: Sportgeschichten und Interviews, Fußball- und Basketballanalysen und vieles mehr...

Search URL Search Domain Scan URL

URL: https://affiliates.betano.com/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://www.gamblingtherapy.org/
Title:

Search URL Search Domain Scan URL

URL: https://dswv.de/
Title:

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=DE&company=160deea8-baed-4221-9ce3-08bb3bb7c3b4&details=1
Title:

Search URL Search Domain Scan URL

URL: http://www.playtech.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.eu-ssa.org/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/betano.deutschland

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betano_deutschland

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_aPhtssooUVZgpWbYBOmxA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans Page URL
http://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1 HTTP 301
https://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1 HTTP 302
http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1 Page URL
http://app8203.funysmile7.agency/web/ HTTP 302
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkAyIkB6RgFCu2ohSXo5rlqspso6oeQKebV1cnkewyxWEKM0oSrp3GLHDLrlsW%2bvWkLAuMGz704CdSGy5rB081Af2WCBp7d1D5nhFS1ZlpmFAk2NlGEdcjce4cOxd%2byPryVAR%2bU69x8%3d HTTP 302
http://realcenter-mobileapps2.com/away.php Page URL
https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=246abb42-d08f-488f-ae7d-97004bbe8299 Page URL
https://best.prizedeal32.info/?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8 Page URL
https://best.prizedeal32.info/proc.php?6e8c9b67a4f53e2930c8909fa4720f53a38e1e48 HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314 Page URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314&m=6JgyymgbH1DZsSg_tB2N6JEzkjuJDCOXLtGG4Ncwevds-qiGhNis-qGghnoH-tK66md6hczjD_HPk4MwxkK8NPKRAAPXD7OjtjDjtoH_k7M_hNoJb7czOk Page URL
https://up.trkgenius.com/out.php?v=5594023035b064c9f5048f6c44fa9b84 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx Page URL
http://popcash.net/world/go/216668/462082 HTTP 301
http://ps.popcash.net/go/216668/462082 Page URL
http://ps.popcash.net/ad/ad?p=216668&w=462082&t=1f5b32c764daf6eb&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
http://xml.poprtb.pro/click?i=3yoTo7AkMew_0 HTTP 302
https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_796b_223c_&affid=434&siteid=796&adid=223&c=133482 HTTP 302
https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_796b_223c_&affid=434&siteid=796&adid=223&c=133482&AutoR=1 HTTP 302
https://www.betano.com/?btag=a_796b_223c_133482&siteid=796 HTTP 302
https://de.betano.com/?btag=a_796b_223c_133482&siteid=796 HTTP 302
https://de.betano.com/?siteid=796 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1 HTTP 301
https://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1 HTTP 302
http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1

Request Chain 19

http://app8203.funysmile7.agency/web/ HTTP 302
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkAyIkB6RgFCu2ohSXo5rlqspso6oeQKebV1cnkewyxWEKM0oSrp3GLHDLrlsW%2bvWkLAuMGz704CdSGy5rB081Af2WCBp7d1D5nhFS1ZlpmFAk2NlGEdcjce4cOxd%2byPryVAR%2bU69x8%3d HTTP 302
http://realcenter-mobileapps2.com/away.php

Request Chain 22

https://best.prizedeal32.info/proc.php?6e8c9b67a4f53e2930c8909fa4720f53a38e1e48 HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314

Request Chain 24

https://up.trkgenius.com/out.php?v=5594023035b064c9f5048f6c44fa9b84 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx

Request Chain 26

http://popcash.net/world/go/216668/462082 HTTP 301
http://ps.popcash.net/go/216668/462082

Request Chain 90

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=736255811&t=pageview&_s=1&dl=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&dp=%2F&ul=en-us&de=UTF-8&dt=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEAB~&jid=786158117&gjid=2080786961&cid=1844330155.1559328115&tid=UA-119553376-1&_gid=1734414928.1559328115&_r=1&z=2080249693 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119553376-1&cid=1844330155.1559328115&jid=786158117&_gid=1734414928.1559328115&gjid=2080786961&_v=j76&z=2080249693

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set microsoft-office-for-free-for-veterans
fastdownloadonlineoem.services/ 40 KB
10 KB 59ms
52ms Document
text/html 2606:4700:30::681f:5f02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5f02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Host: fastdownloadonlineoem.services
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d7ff1cad33c184c8c7d14798027e959451559328105; expires=Sat, 30-May-20 18:41:45 GMT; path=/; domain=.fastdownloadonlineoem.services; HttpOnly
X-Powered-By: PHP/5.3.3
Server: cloudflare
CF-RAY: 4dfb15743be82754-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK styles_quickview.css
fastdownloadonlineoem.services/software_files/ 51 KB
6 KB 29ms
19ms Stylesheet
text/css 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/software_files/styles_quickview.css
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 8842c76be06b539067412f235cd5c29425d575da688cbaefc1ab8c41fd71fecf

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1574aef3c28b-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK styles_002.css
fastdownloadonlineoem.services/software_files/ 77 KB
8 KB 24ms
14ms Stylesheet
text/css 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/software_files/styles_002.css
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 97656341b57958abfb8ba24ea053a1815e717e50c5e499868477a91226064529

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1574ae739716-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK beeketing.css
fastdownloadonlineoem.services/software_files/ 43 KB
6 KB 25ms
16ms Stylesheet
text/css 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/software_files/beeketing.css
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 6fc57895fe532a96b2ae4a099810f6362f7c9c090eda7804119755cf76e82f47

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1574aa0bd6d5-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK spr-5a2d2fd286dca8042a3a5a76bc9032c64c52a2792a734307c76740d0.css
fastdownloadonlineoem.services/software_files/ 17 KB
8 KB 22ms
14ms Stylesheet
text/css 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/software_files/spr-5a2d2fd286dca8042a3a5a76bc9032c64c52a2792a734307c76740d0.css
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 5a2d2fd286dca8042a3a5a76bc9032c64c52a2792a734307c76740d012641514

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1574ad7e63a7-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK styles.css
fastdownloadonlineoem.services/software_files/ 33 KB
4 KB 42ms
34ms Stylesheet
text/css 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/software_files/styles.css
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 049f9b078faafb7b56ea98e104c506713c5f1a41fe29deea9a178f7535fdaed0

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1574aee2c29f-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK widget.css
fastdownloadonlineoem.services/software_files/ 7 KB
2 KB 34ms
10ms Stylesheet
text/css 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://fastdownloadonlineoem.services/software_files/widget.css
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 8d3e18f68b9eaa621247ca0f82425bceaa1692917ef065aa610dad6bfe7d03c4

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1574bd9663a7-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK opp2016_large.png
fastdownloadonlineoem.services/software_files/ 55 KB
54 KB 31ms
29ms Image
text/html 2606:4700:30::681f:5f02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/opp2016_large.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5f02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15750c832754-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK w10_large.png
fastdownloadonlineoem.services/software_files/ 82 KB
82 KB 21ms
20ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/w10_large.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb1575086bc29f-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 404
Not Found win7pro_large.JPG
fastdownloadonlineoem.services/software_files/ 0
408 B 16ms
14ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/win7pro_large.JPG
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15750dc763a7-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK microsoft_visio_professional_2016_960x960_1_1024x1024_ced403.png
fastdownloadonlineoem.services/software_files/ 63 KB
62 KB 20ms
18ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/microsoft_visio_professional_2016_960x960_1_1024x1024_ced403.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15750812c28b-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK office_2016_product_key_1024x.png
fastdownloadonlineoem.services/software_files/ 35 KB
35 KB 19ms
18ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/office_2016_product_key_1024x.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15750bb6d6d5-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK paypal_1024x_bfabcb46-4000-420e-b8c1-bb32c1499eed_1024x.jpg
fastdownloadonlineoem.services/software_files/ 24 KB
24 KB 16ms
15ms Image
image/jpeg 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/paypal_1024x_bfabcb46-4000-420e-b8c1-bb32c1499eed_1024x.jpg
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 30 Nov 2017 03:32:38 GMT
Server: cloudflare
ETag: "2506c3d-5e03-55f2ae7562180"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4dfb15750ee99716-FRA
Content-Length: 24067
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 404
Not Found Guarantee-Graphic_5f1b62d4-1064-42a1-9c54-8b3eb646a085_640x6.png
fastdownloadonlineoem.services/software_files/ 0
408 B 24ms
10ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/Guarantee-Graphic_5f1b62d4-1064-42a1-9c54-8b3eb646a085_640x6.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb157538b1c28b-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK ws_seal_style5.png
fastdownloadonlineoem.services/software_files/ 38 KB
38 KB 21ms
16ms Image
text/html 2606:4700:30::681f:5f02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/ws_seal_style5.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5f02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15754ca62754-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK opp2016_medium.png
fastdownloadonlineoem.services/software_files/ 17 KB
18 KB 16ms
11ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/opp2016_medium.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15754930c29f-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK bolt.png
fastdownloadonlineoem.services/software_files/ 3 KB
2 KB 17ms
13ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/bolt.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15754c6bd6d5-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1 200
OK email.png
fastdownloadonlineoem.services/software_files/ 1 KB
2 KB 15ms
14ms Image
text/html 2606:4700:30::681f:5e02
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fastdownloadonlineoem.services/software_files/email.png
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5e02 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash

Request headers

Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4dfb15754f3b9716-FRA
Expires: Fri, 31 May 2019 22:41:45 GMT

GET
H/1.1

200
OK

Cookie set / Show response
app8203.funysmile7.agency/4760566434/
Redirect Chain

http://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1
https://check-prize-online1.life/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1
http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1

85 B
382 B

1165ms
118ms

Document
text/html

79.110.23.104
LLHOST // M247

General

Check archive.org

Show headers Download Go to

Full URL: http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1
Requested by: Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Protocol: HTTP/1.1
Server: 79.110.23.104 , Romania, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software: nginx/1.12.0 / ASP.NET
Resource Hash: a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6

Request headers

Host: app8203.funysmile7.agency
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans
Accept-Encoding: gzip, deflate
Origin: http://fastdownloadonlineoem.services
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans

Response headers

Server: nginx/1.12.0
Date: Fri, 31 May 2019 18:41:47 GMT
Content-Type: text/html
Content-Length: 85
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=0l1uyhfn0shhig3ziasmf5jb; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Server: nginx/1.12.0
Date: Fri, 31 May 2019 18:41:46 GMT
Content-Length: 210
Connection: keep-alive
Cache-Control: private
Location: http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1
Set-Cookie: ASP.NET_SessionId=qxa1bstcthrqlfuvkigto3wk; path=/; HttpOnly
X-Powered-By: ASP.NET

GET
H/1.1

200
OK

away.php Show response
realcenter-mobileapps2.com/
Redirect Chain

http://app8203.funysmile7.agency/web/
http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkAyIkB6RgFCu2ohSXo5rlqspso6oeQKebV1cnkewyxWEKM0oSrp3GLHDLrlsW%2bvWkLAuMGz704CdSGy5rB081Af...
http://realcenter-mobileapps2.com/away.php

348 B
578 B

11ms
10ms

Document
text/html

195.201.93.115
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://realcenter-mobileapps2.com/away.php
Requested by: Host: app8203.funysmile7.agency
URL: http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1
Protocol: HTTP/1.1
Server: 195.201.93.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.115.93.201.195.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 34680eb3e61d367f13b32f25b4fd56552cd05eb0d394e2d819b3705d77af1c49

Request headers

Host: realcenter-mobileapps2.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=mgds8t9fj70trrjrvrepbnu4p5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://app8203.funysmile7.agency/4760566434/?u=ydk8kwf&o=2q3alcu&t=17oem_nov1&f=1

Response headers

Server: nginx/1.10.3
Date: Fri, 31 May 2019 18:41:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3
Date: Fri, 31 May 2019 18:41:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=mgds8t9fj70trrjrvrepbnu4p5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: /away.php

GET
H2 200 / Show response
best.prizedeal32.info/ 3 KB
2 KB 357ms
116ms Document
text/html 99.198.108.195
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=246abb42-d08f-488f-ae7d-97004bbe8299

Requested by

Host: realcenter-mobileapps2.com
URL: http://realcenter-mobileapps2.com/away.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.195 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.3

Resource Hash

c1fbc4d440c0cac0249cbbfc2ff8869df14ef863ec64052369add582a1cc67db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: best.prizedeal32.info
:scheme: https
:path: /?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=246abb42-d08f-488f-ae7d-97004bbe8299
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 31 May 2019 18:41:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.3
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=892d30812aaabe116aaa0c7ff203d44d; expires=Sat, 30-May-2020 18:41:48 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2 200 / Show response
best.prizedeal32.info/ 11 KB
4 KB 120ms
119ms Document
text/html 99.198.108.195
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://best.prizedeal32.info/?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8

Requested by

Host: best.prizedeal32.info
URL: https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=246abb42-d08f-488f-ae7d-97004bbe8299

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.198.108.195 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

e8ed4c587df8e79801f52fa3f80522e96aa28a9f4aa83f1df6096589ba411ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: best.prizedeal32.info
:scheme: https
:path: /?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=246abb42-d08f-488f-ae7d-97004bbe8299
accept-encoding: gzip, deflate, br
cookie: u=892d30812aaabe116aaa0c7ff203d44d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=246abb42-d08f-488f-ae7d-97004bbe8299

Response headers

status: 200
server: nginx
date: Fri, 31 May 2019 18:41:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

in.html Show response
up.trkgenius.com/
Redirect Chain

https://best.prizedeal32.info/proc.php?6e8c9b67a4f53e2930c8909fa4720f53a38e1e48
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314

6 KB
3 KB

59ms
16ms

Document
text/html

107.6.174.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314

Requested by

Host: best.prizedeal32.info
URL: https://best.prizedeal32.info/?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

bigfish.setupcentral.network

Software

nginx/1.17.0 /

Resource Hash

7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: up.trkgenius.com
:scheme: https
:path: /in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://best.prizedeal32.info/?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://best.prizedeal32.info/?utm_term=6697263227610333605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8

Response headers

status: 200
server: nginx/1.17.0
date: Fri, 31 May 2019 18:41:48 GMT
content-type: text/html
last-modified: Sun, 27 Jan 2019 05:38:08 GMT
etag: W/"5c4d43c0-1605"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Fri, 31 May 2019 18:41:48 GMT
content-type: text/html; charset=UTF-8
location: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314
x-powered-by: PHP/7.3.3
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 in.php
up.trkgenius.com/ 1 KB
986 B 29ms
28ms Document
text/html 107.6.174.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314&m=6JgyymgbH1DZsSg_tB2N6JEzkjuJDCOXLtGG4Ncwevds-qiGhNis-qGghnoH-tK66md6hczjD_HPk4MwxkK8NPKRAAPXD7OjtjDjtoH_k7M_hNoJb7czOk

Requested by

Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

bigfish.setupcentral.network

Software

nginx/1.17.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: up.trkgenius.com
:scheme: https
:path: /in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314&m=6JgyymgbH1DZsSg_tB2N6JEzkjuJDCOXLtGG4Ncwevds-qiGhNis-qGghnoH-tK66md6hczjD_HPk4MwxkK8NPKRAAPXD7OjtjDjtoH_k7M_hNoJb7czOk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314

Response headers

status: 200
server: nginx/1.17.0
date: Fri, 31 May 2019 18:41:48 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
refresh: 0; url=out.php?v=5594023035b064c9f5048f6c44fa9b84
set-cookie: t=e6bbd78701aa708a
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2

200

-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://up.trkgenius.com/out.php?v=5594023035b064c9f5048f6c44fa9b84
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx

4 KB
3 KB

365ms
306ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

3baa485f3cfb6e90a912ef7068c33317ea5283bc3ad535e766becee0574d83b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314&m=6JgyymgbH1DZsSg_tB2N6JEzkjuJDCOXLtGG4Ncwevds-qiGhNis-qGghnoH-tK66md6hczjD_HPk4MwxkK8NPKRAAPXD7OjtjDjtoH_k7M_hNoJb7czOk
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697263227610333605&pubid=1314&m=6JgyymgbH1DZsSg_tB2N6JEzkjuJDCOXLtGG4Ncwevds-qiGhNis-qGghnoH-tK66md6hczjD_HPk4MwxkK8NPKRAAPXD7OjtjDjtoH_k7M_hNoJb7czOk

Response headers

status: 200
content-type: text/html;charset=utf-8
x-cache-status: NOTCACHED
x-zen-fury: 06a5f858f217d50f6795985e115098b233a03a92
date: Fri, 31 May 2019 18:41:49 GMT
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=ff5a73bf63700cb9043b6acc7cb7b8d0_1559328108.8759; domain=minently.com; path=/; expires=Mon, 28-May-2029 18:41:48 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1559328108.8791; domain=minently.com; path=/; expires=Mon, 28-May-2029 18:41:48 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Zkc5Q3h0UnVsQUtnaFJNalMzdjRURFdBcVZzQ2VBYWhaZmJ3T1Z0dnpKKw%3D%3D; domain=minently.com; path=/; expires=Mon, 28-May-2029 18:41:48 UTC; Secure ff5a73bf63700cb9043b6acc7cb7b8d0_1559328108.8759_ck=djJOVVh0MEZzb3RLZmo5QkxHQzZxQm4wdjdIblRId1JndGRvQ0lCZlg5bURNakJYdjFUSjNWUUk2a01ZV09mMmVFOXUyOW0yRjN0YnpycFBWUFFqWWI1bStPTE5wempKVnVkNFlJRzY2THBMTURUaWdNNlN1a080c1krTXhLQnhEZmwvd1V6bEhPRnRwVWJwb0tWUGowdjZOci9HWWtZellLWnB6NU85WThacmo2aWEzTE05WDNwUlgxSG5oTGZFZWpXOEt5RDZHbEVnOTdzTm5GQ0lNQ25LYkF6bTRVSlpUVTVoWFU5YWZ2OHNJdjU4MmZHK1lOeFJJa2UydDVKSU9WTUZrYSs5QUZ3NHNiVWpUZElyYmRBNU9hQk0xUlNzUVh3T1ltMVZ3bXpqQXhMYnlaL0daVGgyMDl3c0tGaytqV0NkK0hOYVhic25XOGpPZDh5Q1V5N09VRWlvR1Vya01QTnBJTzJsUFh5b2UrL29yeVVuZENlVTBpK1BJV3I5cXB0SFdxT204S3lIR0RyTll1WFZIc1BEbDFmaytvN1U5SnhMMWlMWkZGUXVNNzFJdkF5OU5NQlpMUUNhMGdGak15c01Yblg5QUhqeTh2aWtvQnlkdm1PUXJIbGh3UnJIdjZNaFRpZWdGZ2pqYTVRS0FOUytJMUFEck9aV1ZZV2U5NGtUazdyK0RjOTU2amVZODhTcVNubFF1Q2tYL2VJUlVFVVN0TG44c3E4LzF2OU9uR2hpdUhGM3lZTjV0a2lseDNGbG5rWndINWtoQThCTVBHOGFQcWsra2JSUUEvc2Jyczg4NjF4cHo1c1I5a3VXSGZiS3ZSWlRiYURPeXdJSUNUYldCcDAvYjl2YUVFYy9CTjRZMlhiY3lrN08zcEZ3ckR2eUNkbGJHSUhxcFZINFYvUURwd2JpOXBISVJhbzhVb2NjbWR0UFcwUzEyZTJNZXJKZm9PODhjVWhId2IxQnc5QUNRVzJxSzh6U0M4Ri9XeDJCblIvUEZrUWJSVEpTQ3FvcS9lc2hsR0tiZ3ZXT3JJTnIrdmp6cUg4VW1MUDlTeVlIQU1UN1I3YVN1Z2drQUYveVFKZmdsQkVSaFhBVTU1YXZLTHFuVk14RWhtay9FZEVaSUE9PQ%3D%3D; domain=minently.com; path=/; expires=Mon, 28-May-2029 18:41:48 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=bFZkUFVJR2lWd0hqTUR5NlV6YVNuc0J0S0lFaTJOV2FPWjlyeUNZUXhQQ1hzMUpTMld1MktNNTFyZnd4eExXMkRFTE1ZRnhzdTVIQkpINjhGK29jT29uKzY5aGovaDN5ZlFYMy93elBXKzA9; domain=minently.com; path=/; expires=Fri, 31-May-2019 19:46:49 UTC; Secure SERVERID=sfc15; path=/
vary: Accept-Encoding Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx/1.17.0
date: Fri, 31 May 2019 18:41:48 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains

GET 462082
popcash.net/world/go/216668/ 0
0

GET
H/1.1

200
OK

462082
ps.popcash.net/go/216668/
Redirect Chain

http://popcash.net/world/go/216668/462082
http://ps.popcash.net/go/216668/462082

466 B
513 B

2468ms
97ms

Document
text/html

54.85.224.136
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ps.popcash.net/go/216668/462082
Requested by: Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=30eed52cd8ed1a59c1e5530cf20ccc03&ext1=dvx
Protocol: HTTP/1.1
Server: 54.85.224.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-85-224-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: ps.popcash.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://minently.com/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d1c4df96a62708418e27dcdbb436b3f211559328109
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

Date: Fri, 31 May 2019 18:41:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Fri, 31 May 2019 18:41:49 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Set-Cookie: __cfduid=d1c4df96a62708418e27dcdbb436b3f211559328109; expires=Sat, 30-May-20 18:41:49 GMT; path=/; domain=.popcash.net; HttpOnly
Location: http://ps.popcash.net/go/216668/462082
Server: cloudflare
CF-RAY: 4dfb158b0fd6c2a9-FRA

GET
H2

200

Primary Request / Show response
de.betano.com/
Redirect Chain

http://ps.popcash.net/ad/ad?p=216668&w=462082&t=1f5b32c764daf6eb&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200
http://xml.poprtb.pro/click?i=3yoTo7AkMew_0
https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_796b_223c_&affid=434&siteid=796&adid=223&c=133482
https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_796b_223c_&affid=434&siteid=796&adid=223&c=133482&AutoR=1
https://www.betano.com/?btag=a_796b_223c_133482&siteid=796
https://de.betano.com/?btag=a_796b_223c_133482&siteid=796
https://de.betano.com/?siteid=796

507 KB
64 KB

121ms
120ms

Document
text/html

2606:4700::6811:5559
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.betano.com/?siteid=796

Requested by

Host: ps.popcash.net
URL: http://ps.popcash.net/go/216668/462082

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8360cad742708bca7cfdd6b65e0c6085abbf3bb6cf22d7b8d0db0785312d1a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.com:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: de.betano.com
:scheme: https
:path: /?siteid=796
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://ps.popcash.net/go/216668/462082
accept-encoding: gzip, deflate, br
cookie: __cfduid=de42200fe5014cf6750bde0aa44423f521559328114; btag=a_796b_223c_133482; sticky=stx79.765
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ps.popcash.net/go/216668/462082

Response headers

status: 200
date: Fri, 31 May 2019 18:41:54 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors https://*.betano.com:*
set-cookie: _landing=1; expires=Sun, 31-May-2020 18:41:54 GMT; path=/; secure
x-farm: 17
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4dfb15aa4d5dc2d1-FRA

Redirect headers

status: 302
date: Fri, 31 May 2019 18:41:54 GMT
content-type: text/html; charset=utf-8
content-length: 129
location: /?siteid=796
set-cookie: btag=a_796b_223c_133482; domain=.betano.com; expires=Sun, 30-Jun-2019 18:41:54 GMT; path=/; secure; HttpOnly sticky=stx79.765
x-farm: 17
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4dfb15a9ec0ac2d1-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 64 KB
25 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-925512119

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

993380e154421bef4d5eccc2fd46f2806b704bcfe070c5efc49c609bbdc7cfbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: br
last-modified: Thu, 30 May 2019 16:41:01 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25343
x-xss-protection: 0
expires: Fri, 31 May 2019 18:41:54 GMT

GET
H2 200 betano_DE-champions%20league%20final-302x326_b.jpg
cov.gmlinteractive.com/cov/be/ 111 KB
111 KB 80ms
17ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/be/betano_DE-champions%20league%20final-302x326_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c879dfc1dab97665cc33d72b8cf48efcfe32ca21a542ae04fbfbb4c5178976

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=163848
status: 200
content-disposition: inline; filename="betano_DE-champions%20league%20final-302x326_b.webp"
cf-bgj: imgq:100
content-length: 113550
last-modified: Thu, 30 May 2019 11:25:59 GMT
server: cloudflare
etag: "d6e5775da16d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ab8a73c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 betano_de-freiwettenklub-302x326_de_b.jpg
cov.gmlinteractive.com/cov/be/ 65 KB
65 KB 71ms
20ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/be/betano_de-freiwettenklub-302x326_de_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1add14550332e4a7c6378085cfef1dc49050e3900a48def61cdf80e15a339e

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=97467
status: 200
content-disposition: inline; filename="betano_de-freiwettenklub-302x326_de_b.webp"
cf-bgj: imgq:100
content-length: 66382
last-modified: Tue, 28 May 2019 12:36:46 GMT
server: cloudflare
etag: "a6743635215d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ab8a77c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 betano_de-bonus-302x326_2019_2_12_16_56_4_b.jpg
cov.gmlinteractive.com/cov/be/ 5 KB
5 KB 70ms
19ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/be/betano_de-bonus-302x326_2019_2_12_16_56_4_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a49f4a2e51a5e27b41f3b7fa263dafa52d54c9a822984dd43bff03a6cca1220

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=11024
status: 200
content-disposition: inline; filename="betano_de-bonus-302x326_2019_2_12_16_56_4_b.webp"
cf-bgj: imgq:100
content-length: 4622
last-modified: Tue, 12 Feb 2019 16:56:04 GMT
server: cloudflare
etag: "8eaf26d7f3c2d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ab8a76c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 4161
date: Fri, 31 May 2019 17:32:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Fri, 31 May 2019 19:32:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 55 KB
20 KB 19ms
15ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

eecdf4c91b8e7f1ebbeeda886631d29136e520e55b1192b38832741042e6ecf2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: br
last-modified: Thu, 30 May 2019 16:41:01 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 20415
x-xss-protection: 0
expires: Fri, 31 May 2019 18:41:54 GMT

GET
H2 200 betano_logo.svg
static.gmlinteractive.com/desktop/images/ 35 KB
11 KB 79ms
11ms Image
image/svg+xml 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/betano_logo.svg?e1fdab5-1559295477878
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 69f60428fcdf54ef587c3c5a7891f937172498d3681c87263ca6e5bc954beaf7

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: gzip
etag: W/"ad22d8a8ad14d51:0"
cf-cache-status: HIT
last-modified: Mon, 27 May 2019 17:00:17 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
x-farm: 15
cache-control: public, max-age=14400
cf-ray: 4dfb15abbb13c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 source-18-sprite.png
static.gmlinteractive.com/desktop/images/ 56 KB
56 KB 86ms
19ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/source-18-sprite.png?49c95d88-1559295477878
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 458ae92da09bddca98d4651894545a0a24ba6ede315bf856a583dad8c73c27fc

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="source-18-sprite.webp"
cf-bgj: imgq:100
content-length: 57006
last-modified: Mon, 27 May 2019 17:00:17 GMT
server: cloudflare
etag: "be49d8a8ad14d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=66873
accept-ranges: bytes
cf-ray: 4dfb15abbb15c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 flag_sprite.png
static.gmlinteractive.com/desktop/images/ 7 KB
7 KB 75ms
10ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/flag_sprite.png?5fa8b2b8-1559295477878
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fee633102b3e2645e07d5c0f3509ebbe48f2fdaabbd83198bffa0650d09d280

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="flag_sprite.webp"
cf-bgj: imgq:100
content-length: 7444
last-modified: Fri, 19 Oct 2018 12:01:26 GMT
server: cloudflare
etag: "c3435076a367d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=8480
accept-ranges: bytes
cf-ray: 4dfb15abbb16c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://de.betano.com/?siteid=796
Origin: https://de.betano.com

Response headers

date: Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 5782942
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://de.betano.com/?siteid=796
Origin: https://de.betano.com

Response headers

date: Mon, 25 Mar 2019 20:20:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 5782903
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://de.betano.com/?siteid=796
Origin: https://de.betano.com

Response headers

date: Sat, 27 Apr 2019 05:32:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:38 GMT
server: sffe
age: 2984948
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sun, 26 Apr 2020 05:32:46 GMT

GET
H2 200 imago40441837h_b.jpg
cov.gmlinteractive.com/cov/im/ 57 KB
58 KB 26ms
8ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/imago40441837h_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64674974e26e6ba36d7e95f02ad5b8d760fd3e1b5a51146f1bde40d32e6e21ef

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origSize=66562, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 58712
last-modified: Fri, 31 May 2019 05:38:31 GMT
server: cloudflare
etag: "3cd099147317d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15abbb0cc2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 imago36377809h_b.jpg
cov.gmlinteractive.com/cov/im/ 70 KB
70 KB 42ms
23ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/imago36377809h_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124cf77d5ab5438b1cbd4445db096c3d279c618d8f70f001c26f0e0e8c6c0bc1

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=141656
status: 200
content-disposition: inline; filename="imago36377809h_b.webp"
cf-bgj: imgq:100
content-length: 71812
last-modified: Sat, 13 Oct 2018 08:35:37 GMT
server: cloudflare
etag: "76a03bb7cf62d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15abbb17c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 fuegos1080%20(1)_b.jpg
cov.gmlinteractive.com/cov/fu/ 608 KB
608 KB 38ms
20ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/fu/fuegos1080%20(1)_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e523319dbdfb2fba0ed16fe3d969cd485c65cb81e237fd10303cf105cb4847

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: status=cannot_optimize
status: 200
cf-bgj: imgq:100
content-length: 622134
last-modified: Thu, 30 May 2019 16:26:00 GMT
server: cloudflare
etag: "9165f35d417d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15abbb18c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 sprites.png
static.gmlinteractive.com/desktop/images/ 32 KB
32 KB 27ms
13ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/sprites.png?40977714-1559295477878
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 35a2f95eb217f2bb7bb788b1912017720cf0d14bc35722c01652aeaa598826d9

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="sprites.webp"
cf-bgj: imgq:100
content-length: 32632
last-modified: Tue, 22 Jan 2019 10:15:50 GMT
server: cloudflare
etag: "b03645733bb2d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=36251
accept-ranges: bytes
cf-ray: 4dfb15abbb1bc2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 19ms
17ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8912
x-xss-protection: 0
server: cafe
etag: 11386026576561889187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 31 May 2019 18:41:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
15 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fastdownloadonlineoem.services
URL: http://fastdownloadonlineoem.services/microsoft-office-for-free-for-veterans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15397
x-xss-protection: 0
pragma: public
x-fb-debug: /Pz4sBYSYiCX6AAt1BaRmtDualo+1NCr5/k91C/Kbz4OXi3+F2YK37NvEsSoAzx/V6nvSGtL48l6pv2ETCzrRg==
date: Fri, 31 May 2019 18:41:54 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
448 B 122ms
37ms Image
image/gif 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10070820&ea=rtg&gtmcb=45691174

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Fri, 31 May 2019 18:41:54 GMT

GET logo_14.png
stoiximan.s3.amazonaws.com/landing/ 0
0

GET
H2 200 enhanced-icon.png
de.betano.com/images/ 1 KB
1 KB 53ms
52ms Image
image/png 2606:4700::6811:5559
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.betano.com/images/enhanced-icon.png

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66db3d62b35a1729b1337868f37c66e5ebd5f1b79d0f45913792973ae90e9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 1304
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Oct 2018 12:01:26 GMT
server: cloudflare
etag: "20804f76a367d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-farm: 17
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4dfb15acdcf4c2d1-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 sq-zero-rake.png
static.gmlinteractive.com/desktop/images/ 210 B
368 B 27ms
26ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/sq-zero-rake.png?b15d12ca-1559295477878
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f4d9a26ae47cf38583bc9a9301aa34a06ae6f25b82e1644c66c8b70d9101472

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="sq-zero-rake.webp"
cf-bgj: imgq:100
content-length: 210
last-modified: Fri, 03 May 2019 09:23:23 GMT
server: cloudflare
etag: "cca2f1da911d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=2123
accept-ranges: bytes
cf-ray: 4dfb15acef66c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 influencers-desktop_b.jpg
cov.gmlinteractive.com/cov/in/ 4 KB
4 KB 24ms
10ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/in/influencers-desktop_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0763d5e9eef08037ef6af7e73d1b2fe5b022a03286e8752b2674a1826a120a0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=11332
status: 200
content-disposition: inline; filename="influencers-desktop_b.webp"
cf-bgj: imgq:100
content-length: 4200
last-modified: Fri, 03 May 2019 15:10:24 GMT
server: cloudflare
etag: "e3dc7155c21d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2830c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 betano_de-bottomright-blog_b.jpg
cov.gmlinteractive.com/cov/be/ 5 KB
5 KB 23ms
9ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/be/betano_de-bottomright-blog_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8424513967137838c2aa72310af6f607d948f0ae4e544cf2c8097800896d12

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origSize=6103, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 5177
last-modified: Thu, 09 May 2019 07:22:44 GMT
server: cloudflare
etag: "52a191fe376d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2832c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 web_page_364x188_DE_b.jpg
cov.gmlinteractive.com/cov/we/ 24 KB
24 KB 34ms
21ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/we/web_page_364x188_DE_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cae5dcca8d441eae468baa07848ec67451e6d80dac5d33561d282f138116a10

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=86297
status: 200
content-disposition: inline; filename="web_page_364x188_DE_b.webp"
cf-bgj: imgq:100
content-length: 24370
last-modified: Fri, 01 Feb 2019 16:54:39 GMT
server: cloudflare
etag: "98ea2cd24ebad41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2834c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 DENEW_stoiximan-2kaitamio-364x188_b.jpg
cov.gmlinteractive.com/cov/de/ 34 KB
34 KB 36ms
23ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/de/DENEW_stoiximan-2kaitamio-364x188_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66da37cb3ae6543f140aea71e76e4ebd546327f7838384202515f0e89d25d6b

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origSize=35441, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 34861
last-modified: Tue, 12 Jun 2018 15:54:35 GMT
server: cloudflare
etag: "90eb54a9652d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2836c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 images_offer_364x188_pes_to_ki_egine_b.jpg
cov.gmlinteractive.com/cov/im/ 49 KB
49 KB 24ms
12ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/images_offer_364x188_pes_to_ki_egine_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ddce37ed60d59d59f7ae4360ee0facf2f3c71d7574fd87d6015ca488f567c4

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=111808
status: 200
content-disposition: inline; filename="images_offer_364x188_pes_to_ki_egine_b.webp"
cf-bgj: imgq:100
content-length: 50454
last-modified: Mon, 20 Nov 2017 12:21:25 GMT
server: cloudflare
etag: "d32cad15fa61d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2837c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 prim_paroli_350x175_b.jpg
cov.gmlinteractive.com/cov/pr/ 34 KB
34 KB 28ms
16ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/pr/prim_paroli_350x175_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b4f45177645849a3b44c7afb12aa40b70b774344f209ef54b75c82185802ac

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=68956
status: 200
content-disposition: inline; filename="prim_paroli_350x175_b.webp"
cf-bgj: imgq:100
content-length: 34692
last-modified: Thu, 09 Jul 2015 14:15:11 GMT
server: cloudflare
etag: "67fdb8aa51bad01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2839c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 images_offer_364x188_gkaniota_b.jpg
cov.gmlinteractive.com/cov/im/ 29 KB
29 KB 22ms
10ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/images_offer_364x188_gkaniota_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc47655442c8fdbe6ba213cd18cecfd44ee167efddf828f8fa14c1cab4f250a4

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=59383
status: 200
content-disposition: inline; filename="images_offer_364x188_gkaniota_b.webp"
cf-bgj: imgq:100
content-length: 29588
last-modified: Fri, 17 Nov 2017 16:30:04 GMT
server: cloudflare
etag: "9d6b752c15fd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad283ac2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 images_offer_364x188_paroligo_b.jpg
cov.gmlinteractive.com/cov/im/ 58 KB
58 KB 29ms
19ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/images_offer_364x188_paroligo_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262c8ab703d82d99425d66cd353e01390068e28ed2ac60335cc576bf07fb2064

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=113581
status: 200
content-disposition: inline; filename="images_offer_364x188_paroligo_b.webp"
cf-bgj: imgq:100
content-length: 59614
last-modified: Fri, 17 Nov 2017 16:25:27 GMT
server: cloudflare
etag: "28d6a8adc05fd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad283bc2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 images_offer_364x188_isopalia_b.jpg
cov.gmlinteractive.com/cov/im/ 49 KB
49 KB 31ms
22ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/images_offer_364x188_isopalia_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06e9d0732c59dfd37b13386c24b62330399858724a89768b3fb93e6df24af80

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=93001
status: 200
content-disposition: inline; filename="images_offer_364x188_isopalia_b.webp"
cf-bgj: imgq:100
content-length: 49918
last-modified: Fri, 17 Nov 2017 16:22:05 GMT
server: cloudflare
etag: "816f5c35c05fd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad2841c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 images_offer_364x188_streaming_b.jpg
cov.gmlinteractive.com/cov/im/ 29 KB
29 KB 30ms
24ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/im/images_offer_364x188_streaming_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b9c67d16e0881b8fccf36ae33bd0e1c7c6e0e71ea14304fc255b6770fb949b

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=jpeg, origSize=61031
status: 200
content-disposition: inline; filename="images_offer_364x188_streaming_b.webp"
cf-bgj: imgq:100
content-length: 29586
last-modified: Fri, 17 Nov 2017 16:54:11 GMT
server: cloudflare
etag: "baf121b1c45fd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad283cc2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 betano-stut%20(1)_b.jpg
cov.gmlinteractive.com/cov/be/ 10 KB
10 KB 20ms
14ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/be/betano-stut%20(1)_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f157e0fad9ec9ca348a3ab046969f1e49e0210463b6143c1916495e820d37245

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=18336
status: 200
content-disposition: inline; filename="betano-stut%20(1)_b.webp"
cf-bgj: imgq:100
content-length: 10328
last-modified: Thu, 05 Jul 2018 12:38:46 GMT
server: cloudflare
etag: "c790cc1d5d14d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad283dc2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 betano-EHF-(2)%20(2)_b.jpg
cov.gmlinteractive.com/cov/be/ 9 KB
9 KB 32ms
27ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/be/betano-EHF-(2)%20(2)_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356acfec1d52ba291b985b8c289900029e0329eecd6c4ae1a9ab2a2898465eb6

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=14254
status: 200
content-disposition: inline; filename="betano-EHF-(2)%20(2)_b.webp"
cf-bgj: imgq:100
content-length: 8926
last-modified: Tue, 28 Aug 2018 14:42:00 GMT
server: cloudflare
etag: "b4a3747dd3ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ad283ec2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 234568464078651 Show response
connect.facebook.net/signals/config/ 207 KB
55 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ed2375d310504bbf65b4ef8e9ae3625c23706b1933504f7851f9e5eade785b2a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 56279
x-xss-protection: 0
pragma: public
x-fb-debug: eJ08d0YqARAoGYQaHW4IO+Shdr4KkZn74MGhEEwijYD0SZotOrC1JaUjSK6h70HJkTDlLHIAImMvzNb2mK8QBA==
date: Fri, 31 May 2019 18:41:54 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK betano_de_championsleague_final_onsite_landing_712x494.jpg
s3-eu-west-1.amazonaws.com/stoiximan/cov/marketing-content/photos-landing/Landing_DE/ 182 KB
182 KB 182ms
38ms Image
image/jpeg 52.218.64.116
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/stoiximan/cov/marketing-content/photos-landing/Landing_DE/betano_de_championsleague_final_onsite_landing_712x494.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.64.116 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5504e228069db9d68866dfa60cd333b36a47deb67ddd681adee36d4f998eab31

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 31 May 2019 18:41:55 GMT
Last-Modified: Thu, 30 May 2019 12:14:07 GMT
Server: AmazonS3
x-amz-request-id: 6FF15AEF488B9237
ETag: "0e90431e2dd5f83e768c52293f03b347"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 186215
x-amz-id-2: 7O7UD50hefME1uHQpQGja9nJZfxOdzjHOV9jvhmgDvtXQ4nwc9WZ/EniYSfZ3vexD9MChNyp9qw=

GET
H2 200 plus18_b.jpg
cov.gmlinteractive.com/cov/pl/ 616 B
770 B 56ms
12ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/pl/plus18_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 627fb9b17650afd8b41111831176f0158f67393c76fe547b42efc4d19e3976af

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1329
status: 200
content-disposition: inline; filename="plus18_b.webp"
cf-bgj: imgq:100
content-length: 616
last-modified: Fri, 15 Apr 2016 12:01:52 GMT
server: cloudflare
etag: "1822c99e97d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b27c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 gt_2018_5_18_16_0_8_b.jpg
cov.gmlinteractive.com/cov/gt/ 984 B
1 KB 60ms
16ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/gt/gt_2018_5_18_16_0_8_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7311b23b5c6f47e747739e4e589f00eb215eed3b8362b310ee4c51716053a5aa

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origSize=18558, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 984
last-modified: Fri, 18 May 2018 16:00:08 GMT
server: cloudflare
etag: "e24c644bc1eed31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b28c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 dswv_logo-rot-blau_desktop_b.jpg
cov.gmlinteractive.com/cov/ds/ 1 KB
2 KB 52ms
9ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/ds/dswv_logo-rot-blau_desktop_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93f8d28603fa55958de393e9779e59ef7e5787cf0dfb712ba5312472d2276d77

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4272
status: 200
content-disposition: inline; filename="dswv_logo-rot-blau_desktop_b.webp"
cf-bgj: imgq:100
content-length: 1530
last-modified: Thu, 31 Jan 2019 11:12:22 GMT
server: cloudflare
etag: "6d699ad655b9d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b29c2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 mga_b_b.jpg
cov.gmlinteractive.com/cov/mg/ 2 KB
2 KB 59ms
17ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/mg/mga_b_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9e02ba0f32263ca4a8fbd13a7c1d38d98f9e4caae18fa68bbce645132e22ce4

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=19528
status: 200
content-disposition: inline; filename="mga_b_b.webp"
cf-bgj: imgq:100
content-length: 1874
last-modified: Fri, 18 May 2018 16:32:21 GMT
server: cloudflare
etag: "9cec4dcbc5eed31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b2ac2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 playtech-hover-logo_b.jpg
cov.gmlinteractive.com/cov/pl/ 1 KB
1 KB 55ms
13ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/pl/playtech-hover-logo_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: da02dd19e13f27ef4b883724160fe8807a1b160c424c3d4af02a15942a454bdb

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2769
status: 200
content-disposition: inline; filename="playtech-hover-logo_b.webp"
cf-bgj: imgq:100
content-length: 1136
last-modified: Thu, 16 Jul 2015 13:14:57 GMT
server: cloudflare
etag: "e5c4a269c9bfd01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b2bc2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 iso-gml_a_b.jpg
cov.gmlinteractive.com/cov/is/ 2 KB
2 KB 56ms
14ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/is/iso-gml_a_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a1e9bfcfec9583eb69cde7a20cba6cab76569d551959c5eff6c9c692a29306

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
cf-polished: origSize=17189, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 2038
last-modified: Wed, 04 Jul 2018 09:30:35 GMT
server: cloudflare
etag: "4ce66fa97913d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-farm: 15
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b2dc2ae-FRA
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 _thumb_14550_b.jpg
cov.gmlinteractive.com/cov/_t/ 4 KB
4 KB 65ms
24ms Image
image/jpeg 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/cov/_t/_thumb_14550_b.jpg
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce45c484e6de52abcd5a14f8d4447e2c578132bbcfff97d2bb0ba33526601a4

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Jul 2016 08:52:41 GMT
server: cloudflare
etag: "8415c914adddd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
x-farm: 14
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 4dfb15ae1b2ec2ae-FRA
content-length: 3680
expires: Mon, 01 Jul 2019 18:41:54 GMT

GET
H2 200 survey-notifications-icon.png
static.gmlinteractive.com/desktop/images/ 728 B
896 B 60ms
20ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/survey-notifications-icon.png?WKyskpCJylrzWVejDk_SFQ216
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6eab46b3dfb631d7c0b5a385e810e442d6132a7fe00ba61ae14f1d3eba5a880d

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="survey-notifications-icon.webp"
cf-bgj: imgq:100
content-length: 728
last-modified: Fri, 19 Oct 2018 12:01:26 GMT
server: cloudflare
etag: "115e5676a367d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=2143
accept-ranges: bytes
cf-ray: 4dfb15ae1b30c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 messages.client.de.ctxt.js Show response
static.gmlinteractive.com/desktop/js/resources/ 16 KB
6 KB 49ms
10ms Script
application/javascript 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gmlinteractive.com/desktop/js/resources/messages.client.de.ctxt.js?WA1FLC2MYIO9vMFI6ugaqA216
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 461ed9948622061fd0647c6fc67ee965654f2f3c8968ec827c15f4246b205b72

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: gzip
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-length: 5671
last-modified: Fri, 31 May 2019 09:37:56 GMT
server: cloudflare
etag: "a8923e879417d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-farm: 15
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4dfb15ae1b25c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 sportsbook.min.js Show response
static.gmlinteractive.com/desktop/js/ 1 MB
523 KB 51ms
13ms Script
application/javascript 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gmlinteractive.com/desktop/js/sportsbook.min.js?MqmxY7gRBbkyTCqLSWW6dQ216
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 885287312439762b1d3c2a41e16081d6c9b0509fcc068e2b9a761cb1c5699301

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: gzip
etag: "d6db27939417d51:0"
cf-cache-status: HIT
last-modified: Fri, 31 May 2019 09:38:16 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-farm: 15
cache-control: public, max-age=14400
cf-ray: 4dfb15ae1b26c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/925512119/ 2 KB
1 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925512119/?random=1559328114854&cv=9&fst=1559328114854&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fab2e43a17f246254221c8a891e41808e180d8e46d06d1cb6617a14f23536bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ 2 KB
1 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1559328114889&cv=9&fst=1559328114889&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5m0&sendb=1&frm=0&url=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

24beda66a03b58825cb21a652bdf4e9108cb9e0d838c6134397ad719075634c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bet-mentor-logo.png
static.gmlinteractive.com/desktop/images/ 1 KB
1 KB 15ms
11ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/bet-mentor-logo.png?7e0b8aea-1559295477878
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 080375d22a3195e25e9c8188a1cac3a636d8d4dd9e746c976b5f596e6b6fe6b7

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:54 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="bet-mentor-logo.webp"
cf-bgj: imgq:100
content-length: 1216
last-modified: Tue, 22 Jan 2019 10:15:50 GMT
server: cloudflare
etag: "536641733bb2d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=2765
accept-ranges: bytes
cf-ray: 4dfb15ae4bb5c2ae-FRA
expires: Fri, 31 May 2019 22:41:54 GMT

GET
H2 200 all.18.css
static.gmlinteractive.com/desktop/css/ 411 KB
60 KB 13ms
13ms Stylesheet
text/css 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gmlinteractive.com/desktop/css/all.18.css?Yg1yZI98fArMM-EKeqoeYA216
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c4b16a373b8ca981c6663befbcec55ee3ae97c95bf5d50dd3f0b654a9381cab

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-length: 61689
last-modified: Fri, 31 May 2019 09:37:57 GMT
server: cloudflare
etag: "8084f879417d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-farm: 15
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4dfb15aefdeec2ae-FRA
expires: Fri, 31 May 2019 22:41:55 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/763238947/ 42 B
120 B 42ms
38ms Image
image/gif 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1559328114889&cv=9&fst=1559325600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5m0&sendb=1&frm=0&url=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&async=1&fmt=3&cdct=2&is_vtc=1&random=3014173299&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763238947/ 42 B
109 B 21ms
20ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1559328114889&cv=9&fst=1559325600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5m0&sendb=1&frm=0&url=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&async=1&fmt=3&cdct=2&is_vtc=1&random=3014173299&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/925512119/ 42 B
120 B 29ms
26ms Image
image/gif 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/925512119/?random=1559328114854&cv=9&fst=1559325600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&async=1&fmt=3&cdct=2&is_vtc=1&random=3196688842&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/925512119/ 42 B
109 B 57ms
56ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/925512119/?random=1559328114854&cv=9&fst=1559325600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=Betano%20Wetten%20%7C%20Legitime%20und%20sichere%20Online-Wetten&async=1&fmt=3&cdct=2&is_vtc=1&random=3196688842&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
923 B 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: FHeIF8Bg2Z91JlEfPmNICT9d97DcZg20rulbgyhAKhRCYAaNlRdCYKlHTu2oQkQEhgh41sflKhFoGXJXP5gUDg==
date: Fri, 31 May 2019 18:41:55 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
www.facebook.com/tr/ 0
0

GET
H2 200 enhanced-icon.png
static.gmlinteractive.com/desktop/images/ 236 B
470 B 11ms
9ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/enhanced-icon.png
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3fb55d11633f5d5e6cdc984e29b4a54e1ddba7c3a17e66e35443b3e2aa3072dd

Request headers

Referer: https://static.gmlinteractive.com/desktop/css/all.18.css?Yg1yZI98fArMM-EKeqoeYA216
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:55 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="enhanced-icon.webp"
cf-bgj: imgq:100
content-length: 236
last-modified: Fri, 19 Oct 2018 12:01:26 GMT
server: cloudflare
etag: "20804f76a367d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=1304
accept-ranges: bytes
cf-ray: 4dfb15b2488ac2ae-FRA
expires: Fri, 31 May 2019 22:41:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://de.betano.com/?siteid=796
Origin: https://de.betano.com

Response headers

date: Mon, 25 Mar 2019 20:19:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:42 GMT
server: sffe
age: 5782918
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:57 GMT

POST /
www.facebook.com/tr/ Frame 8C24 0
0

GET
H2 200 GetAllNotifications Show response
de.betano.com/missions/ 2 KB
843 B 51ms
50ms XHR
text/html 2606:4700::6811:5559
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.betano.com/missions/GetAllNotifications?_=1559328116022

Requested by

Host: static.gmlinteractive.com
URL: https://static.gmlinteractive.com/desktop/js/sportsbook.min.js?MqmxY7gRBbkyTCqLSWW6dQ216

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fecb0071c220e0650617767edc08fe893d958e533546a54a634e06e7c1528743

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.com:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://de.betano.com/?siteid=796
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
status: 200
x-farm: 16
cache-control: no-store
content-security-policy: frame-ancestors https://*.betano.com:*
cf-ray: 4dfb15b64a2bc2d1-FRA
x-xss-protection: 1; mode=block

GET
H2 200 topNotification Show response
de.betano.com/ 0
55 B 51ms
48ms XHR
text/plain 2606:4700::6811:5559
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.betano.com/topNotification

Requested by

Host: static.gmlinteractive.com
URL: https://static.gmlinteractive.com/desktop/js/sportsbook.min.js?MqmxY7gRBbkyTCqLSWW6dQ216

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.com:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://de.betano.com/?siteid=796
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:56 GMT
x-content-type-options: nosniff
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
status: 200
x-farm: 16
cache-control: no-store
content-security-policy: frame-ancestors https://*.betano.com:*
accept-ranges: bytes
cf-ray: 4dfb15b78ebdc2d1-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 GetSizmekIframe Show response
de.betano.com/sizmek/ 204 B
252 B 58ms
55ms XHR
text/html 2606:4700::6811:5559
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.betano.com/sizmek/GetSizmekIframe?iframeId=20799687&_=1559328116023

Requested by

Host: static.gmlinteractive.com
URL: https://static.gmlinteractive.com/desktop/js/sportsbook.min.js?MqmxY7gRBbkyTCqLSWW6dQ216

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6fa55aee05d9be7ef4d41627c584016108b88b0866a94801c84b250ee7f6a9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.com:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://de.betano.com/?siteid=796
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
status: 200
x-farm: 16
cache-control: no-store
content-security-policy: frame-ancestors https://*.betano.com:*
cf-ray: 4dfb15b78ec7c2d1-FRA
x-xss-protection: 1; mode=block

GET
H2 200 GetSizmekIframe Show response
de.betano.com/sizmek/ 204 B
252 B 121ms
120ms XHR
text/html 2606:4700::6811:5559
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.betano.com/sizmek/GetSizmekIframe?iframeId=20799693&_=1559328116024

Requested by

Host: static.gmlinteractive.com
URL: https://static.gmlinteractive.com/desktop/js/sportsbook.min.js?MqmxY7gRBbkyTCqLSWW6dQ216

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03535953a54559495222d1032ca962ca7b546174ab8b75ae752844536a294b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.betano.com:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://de.betano.com/?siteid=796
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
status: 200
x-farm: 16
cache-control: no-store
content-security-policy: frame-ancestors https://*.betano.com:*
cf-ray: 4dfb15b78ecdc2d1-FRA
x-xss-protection: 1; mode=block

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=736255811&t=pageview&_s=1&dl=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&dp=%2F&ul=en...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119553376-1&cid=1844330155.1559328115&jid=786158117&_gid=1734414928.1559328115&gjid=2080786961&_v=j76&z=2080249693

35 B
102 B

18ms
17ms

Image
image/gif

2a00:1450:400c:c06::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119553376-1&cid=1844330155.1559328115&jid=786158117&_gid=1734414928.1559328115&gjid=2080786961&_v=j76&z=2080249693

Requested by

Host: de.betano.com
URL: https://de.betano.com/?siteid=796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 31 May 2019 18:41:56 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 May 2019 18:41:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119553376-1&cid=1844330155.1559328115&jid=786158117&_gid=1734414928.1559328115&gjid=2080786961&_v=j76&z=2080249693
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free-spins-graphic-small.png
static.gmlinteractive.com/desktop/images/ 416 B
557 B 15ms
12ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/free-spins-graphic-small.png?vZ5WAWKMZ_N8-4MUeIa2kA216
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 86effcf25bc6f019ce86ed04ddaac1d2d384a5a7da10948daa959e51059795a8

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:56 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="free-spins-graphic-small.webp"
cf-bgj: imgq:100
content-length: 416
last-modified: Fri, 19 Oct 2018 12:01:26 GMT
server: cloudflare
etag: "8c6a5076a367d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 14
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=658
accept-ranges: bytes
cf-ray: 4dfb15b7eaa2c2ae-FRA
expires: Fri, 31 May 2019 22:41:56 GMT

GET
H2 200 golden-chips-graphic-small.png
static.gmlinteractive.com/desktop/images/ 2 KB
3 KB 13ms
10ms Image
image/webp 2606:4700::6813:b110
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gmlinteractive.com/desktop/images/golden-chips-graphic-small.png?nIOqU4M9eyx9H6xL_kjzYw216
Requested by: Host: de.betano.com
URL: https://de.betano.com/?siteid=796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c08942f475f81595a12c902e1018bf952bf81fd19298fb18163141d772e511d

Request headers

Referer: https://de.betano.com/?siteid=796
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 18:41:56 GMT
cf-cache-status: HIT
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="golden-chips-graphic-small.webp"
cf-bgj: imgq:100
content-length: 2512
last-modified: Tue, 22 Jan 2019 10:15:50 GMT
server: cloudflare
etag: "27fe43733bb2d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-farm: 15
cache-control: public, max-age=14400
cf-polished: origFmt=png, origSize=5099
accept-ranges: bytes
cf-ray: 4dfb15b7eaa5c2ae-FRA
expires: Fri, 31 May 2019 22:41:56 GMT

GET
H/1.1 200
OK Cookie set ca.html
20799687p.rfihub.com/ Frame F4E2 0
0 3333ms
14ms Document
text/html 185.31.128.128
Rocket Fuel Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://20799687p.rfihub.com/ca.html?rb=35459&ca=20799687&_o=35459&_t=20799687
Requested by: Host: static.gmlinteractive.com
URL: https://static.gmlinteractive.com/desktop/js/sportsbook.min.js?MqmxY7gRBbkyTCqLSWW6dQ216
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 185.31.128.128 , United States, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host: 20799687p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://de.betano.com/?siteid=796
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://de.betano.com/?siteid=796

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAF3PrQqAMBSGYfwDUQzijTjHwN3eLsG4aFxcNBp3CYtGo3HJfN74cODlO76alDFWb7tS1q46wBG-4AS_cIFdLe3hAEf4gjP8sd-gB4cWPTh20kcvfcMJzvADF3rAvyPusJuxBz4X6R-LLW_e8AEAAA;Path=/;Domain=.rfihub.com;Expires=Wed, 24-Jun-2020 18:41:59 GMT rud=H4sIAAAAAAAAAOMSNjQwMTQ1Mje3NDGyNDA1NDEytxDiM9Q1NTdIy7AI8ckzdQ-W4jU0NbU0NrIwNLS0NDAEADaG0Gc0AAAA;Path=/;Domain=.rfihub.com;Expires=Wed, 24-Jun-2020 18:41:59 GMT ruds=H4sIAAAAAAAAAOMSNjQwMTQ1Mje3NDGyNDA1NDEytxDiM9Q1NTdIy7AI8ckzdQ8GADUH9w8lAAAA;Path=/;Domain=.rfihub.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET ca.html
20799693p.rfihub.com/ Frame 3D77 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: popcash.net
URL: http://popcash.net/world/go/216668/462082?

Domain: stoiximan.s3.amazonaws.com
URL: https://stoiximan.s3.amazonaws.com/landing/logo_14.png

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fde.betano.com%2F%3Fsiteid%3D796%23pc224398&rl=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&if=false&ts=1559328115379&sw=1600&sh=1200&v=2.8.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1559328115338.1354343492&it=1559328114768&coo=false&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/tr/

Domain: 20799693p.rfihub.com
URL: https://20799693p.rfihub.com/ca.html?rb=35459&ca=20799693&_o=35459&_t=20799693

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
minently.com/	1969-12-31 23:59:59	Name: SERVERID Value: sfc15
.minently.com/	1970-01-19 01:08:52	Name: 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D Value: bFZkUFVJR2lWd0hqTUR5NlV6YVNuc0J0S0lFaTJOV2FPWjlyeUNZUXhQQ1hzMUpTMld1MktNNTFyZnd4eExXMkRFTE1ZRnhzdTVIQkpINjhGK29jT29uKzY5aGovaDN5ZlFYMy93elBXKzA9
.minently.com/	1970-01-22 16:44:48	Name: ff5a73bf63700cb9043b6acc7cb7b8d0_1559328108.8759_ck Value: djJOVVh0MEZzb3RLZmo5QkxHQzZxQm4wdjdIblRId1JndGRvQ0lCZlg5bURNakJYdjFUSjNWUUk2a01ZV09mMmVFOXUyOW0yRjN0YnpycFBWUFFqWWI1bStPTE5wempKVnVkNFlJRzY2THBMTURUaWdNNlN1a080c1krTXhLQnhEZmwvd1V6bEhPRnRwVWJwb0tWUGowdjZOci9HWWtZellLWnB6NU85WThacmo2aWEzTE05WDNwUlgxSG5oTGZFZWpXOEt5RDZHbEVnOTdzTm5GQ0lNQ25LYkF6bTRVSlpUVTVoWFU5YWZ2OHNJdjU4MmZHK1lOeFJJa2UydDVKSU9WTUZrYSs5QUZ3NHNiVWpUZElyYmRBNU9hQk0xUlNzUVh3T1ltMVZ3bXpqQXhMYnlaL0daVGgyMDl3c0tGaytqV0NkK0hOYVhic25XOGpPZDh5Q1V5N09VRWlvR1Vya01QTnBJTzJsUFh5b2UrL29yeVVuZENlVTBpK1BJV3I5cXB0SFdxT204S3lIR0RyTll1WFZIc1BEbDFmaytvN1U5SnhMMWlMWkZGUXVNNzFJdkF5OU5NQlpMUUNhMGdGak15c01Yblg5QUhqeTh2aWtvQnlkdm1PUXJIbGh3UnJIdjZNaFRpZWdGZ2pqYTVRS0FOUytJMUFEck9aV1ZZV2U5NGtUazdyK0RjOTU2amVZODhTcVNubFF1Q2tYL2VJUlVFVVN0TG44c3E4LzF2OU9uR2hpdUhGM3lZTjV0a2lseDNGbG5rWndINWtoQThCTVBHOGFQcWsra2JSUUEvc2Jyczg4NjF4cHo1c1I5a3VXSGZiS3ZSWlRiYURPeXdJSUNUYldCcDAvYjl2YUVFYy9CTjRZMlhiY3lrN08zcEZ3ckR2eUNkbGJHSUhxcFZINFYvUURwd2JpOXBISVJhbzhVb2NjbWR0UFcwUzEyZTJNZXJKZm9PODhjVWhId2IxQnc5QUNRVzJxSzh6U0M4Ri9XeDJCblIvUEZrUWJSVEpTQ3FvcS9lc2hsR0tiZ3ZXT3JJTnIrdmp6cUg4VW1MUDlTeVlIQU1UN1I3YVN1Z2drQUYveVFKZmdsQkVSaFhBVTU1YXZLTHFuVk14RWhtay9FZEVaSUE9PQ%3D%3D
.minently.com/	1970-01-22 16:44:48	Name: FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D Value: WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Zkc5Q3h0UnVsQUtnaFJNalMzdjRURFdBcVZzQ2VBYWhaZmJ3T1Z0dnpKKw%3D%3D
.minently.com/	1970-01-22 16:44:48	Name: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D Value: 1559328108.8791
.minently.com/	1970-01-22 16:44:48	Name: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D Value: ff5a73bf63700cb9043b6acc7cb7b8d0_1559328108.8759

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20799687p.rfihub.com
20799693p.rfihub.com
app8203.funysmile7.agency
best.prizedeal32.info
check-prize-online1.life
connect.facebook.net
cov.gmlinteractive.com
de.betano.com
fastdownloadonlineoem.services
fonts.gstatic.com
googleads.g.doubleclick.net
minently.com
popcash.net
ps.popcash.net
realcenter-mobileapps2.com
s3-eu-west-1.amazonaws.com
sp.analytics.yahoo.com
static.gmlinteractive.com
stats.g.doubleclick.net
stoiximan.s3.amazonaws.com
up.trkgenius.com
wlstoiximan.adsrv.eacdn.com
www.betano.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
xml.poprtb.pro
20799693p.rfihub.com
popcash.net
stoiximan.s3.amazonaws.com
www.facebook.com
107.6.174.196
174.137.133.18
185.31.128.128
188.125.66.33
195.201.93.115
205.147.93.131
216.58.207.34
2606:4700:20::6819:b011
2606:4700:30::681f:5e02
2606:4700:30::681f:5f02
2606:4700::6811:5559
2606:4700::6813:b110
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:814::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2008
2a00:1450:4001:825::2004
2a00:1450:400c:c06::9d
2a03:2880:f02d:12:face:b00c:0:3
2a04:bc40:1dc8::57
52.218.64.116
54.85.224.136
79.110.23.104
91.92.196.190
99.198.108.195
049f9b078faafb7b56ea98e104c506713c5f1a41fe29deea9a178f7535fdaed0
080375d22a3195e25e9c8188a1cac3a636d8d4dd9e746c976b5f596e6b6fe6b7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
11c879dfc1dab97665cc33d72b8cf48efcfe32ca21a542ae04fbfbb4c5178976
124cf77d5ab5438b1cbd4445db096c3d279c618d8f70f001c26f0e0e8c6c0bc1
24beda66a03b58825cb21a652bdf4e9108cb9e0d838c6134397ad719075634c0
262c8ab703d82d99425d66cd353e01390068e28ed2ac60335cc576bf07fb2064
2cae5dcca8d441eae468baa07848ec67451e6d80dac5d33561d282f138116a10
2f4d9a26ae47cf38583bc9a9301aa34a06ae6f25b82e1644c66c8b70d9101472
34680eb3e61d367f13b32f25b4fd56552cd05eb0d394e2d819b3705d77af1c49
356acfec1d52ba291b985b8c289900029e0329eecd6c4ae1a9ab2a2898465eb6
35a2f95eb217f2bb7bb788b1912017720cf0d14bc35722c01652aeaa598826d9
3baa485f3cfb6e90a912ef7068c33317ea5283bc3ad535e766becee0574d83b4
3c08942f475f81595a12c902e1018bf952bf81fd19298fb18163141d772e511d
3fb55d11633f5d5e6cdc984e29b4a54e1ddba7c3a17e66e35443b3e2aa3072dd
458ae92da09bddca98d4651894545a0a24ba6ede315bf856a583dad8c73c27fc
461ed9948622061fd0647c6fc67ee965654f2f3c8968ec827c15f4246b205b72
4a49f4a2e51a5e27b41f3b7fa263dafa52d54c9a822984dd43bff03a6cca1220
5504e228069db9d68866dfa60cd333b36a47deb67ddd681adee36d4f998eab31
5a2d2fd286dca8042a3a5a76bc9032c64c52a2792a734307c76740d012641514
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
627fb9b17650afd8b41111831176f0158f67393c76fe547b42efc4d19e3976af
64674974e26e6ba36d7e95f02ad5b8d760fd3e1b5a51146f1bde40d32e6e21ef
66db3d62b35a1729b1337868f37c66e5ebd5f1b79d0f45913792973ae90e9100
69f60428fcdf54ef587c3c5a7891f937172498d3681c87263ca6e5bc954beaf7
6c4b16a373b8ca981c6663befbcec55ee3ae97c95bf5d50dd3f0b654a9381cab
6ce45c484e6de52abcd5a14f8d4447e2c578132bbcfff97d2bb0ba33526601a4
6eab46b3dfb631d7c0b5a385e810e442d6132a7fe00ba61ae14f1d3eba5a880d
6fc57895fe532a96b2ae4a099810f6362f7c9c090eda7804119755cf76e82f47
71e523319dbdfb2fba0ed16fe3d969cd485c65cb81e237fd10303cf105cb4847
7311b23b5c6f47e747739e4e589f00eb215eed3b8362b310ee4c51716053a5aa
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86effcf25bc6f019ce86ed04ddaac1d2d384a5a7da10948daa959e51059795a8
8842c76be06b539067412f235cd5c29425d575da688cbaefc1ab8c41fd71fecf
885287312439762b1d3c2a41e16081d6c9b0509fcc068e2b9a761cb1c5699301
8b1add14550332e4a7c6378085cfef1dc49050e3900a48def61cdf80e15a339e
8d3e18f68b9eaa621247ca0f82425bceaa1692917ef065aa610dad6bfe7d03c4
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
8fee633102b3e2645e07d5c0f3509ebbe48f2fdaabbd83198bffa0650d09d280
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93f8d28603fa55958de393e9779e59ef7e5787cf0dfb712ba5312472d2276d77
94b4f45177645849a3b44c7afb12aa40b70b774344f209ef54b75c82185802ac
97656341b57958abfb8ba24ea053a1815e717e50c5e499868477a91226064529
993380e154421bef4d5eccc2fd46f2806b704bcfe070c5efc49c609bbdc7cfbc
9a8424513967137838c2aa72310af6f607d948f0ae4e544cf2c8097800896d12
a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6
b9e02ba0f32263ca4a8fbd13a7c1d38d98f9e4caae18fa68bbce645132e22ce4
c06e9d0732c59dfd37b13386c24b62330399858724a89768b3fb93e6df24af80
c1fbc4d440c0cac0249cbbfc2ff8869df14ef863ec64052369add582a1cc67db
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d1ddce37ed60d59d59f7ae4360ee0facf2f3c71d7574fd87d6015ca488f567c4
d66da37cb3ae6543f140aea71e76e4ebd546327f7838384202515f0e89d25d6b
d6fa55aee05d9be7ef4d41627c584016108b88b0866a94801c84b250ee7f6a9d
da02dd19e13f27ef4b883724160fe8807a1b160c424c3d4af02a15942a454bdb
e03535953a54559495222d1032ca962ca7b546174ab8b75ae752844536a294b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a1e9bfcfec9583eb69cde7a20cba6cab76569d551959c5eff6c9c692a29306
e8ed4c587df8e79801f52fa3f80522e96aa28a9f4aa83f1df6096589ba411ad7
ed2375d310504bbf65b4ef8e9ae3625c23706b1933504f7851f9e5eade785b2a
eecdf4c91b8e7f1ebbeeda886631d29136e520e55b1192b38832741042e6ecf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0763d5e9eef08037ef6af7e73d1b2fe5b022a03286e8752b2674a1826a120a0
f0b9c67d16e0881b8fccf36ae33bd0e1c7c6e0e71ea14304fc255b6770fb949b
f157e0fad9ec9ca348a3ab046969f1e49e0210463b6143c1916495e820d37245
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f8360cad742708bca7cfdd6b65e0c6085abbf3bb6cf22d7b8d0db0785312d1a6
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fab2e43a17f246254221c8a891e41808e180d8e46d06d1cb6617a14f23536bf4
fc47655442c8fdbe6ba213cd18cecfd44ee167efddf828f8fa14c1cab4f250a4
fecb0071c220e0650617767edc08fe893d958e533546a54a634e06e7c1528743

de.betano.com Open in urlscan Pro 2606:4700::6811:5559 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

73 %HTTPS

54 %IPv6

24 Domains

30 Subdomains

23 IPs

8 Countries

2783 kBTransfer

4931 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

de.betano.com Open in urlscan Pro
2606:4700::6811:5559 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

73 %
HTTPS

54 %
IPv6

24
Domains

30
Subdomains

23
IPs

8
Countries

2783 kB
Transfer

4931 kB
Size

6
Cookies

96 HTTP transactions
0 data transactions