www.marchsphere.com Open in urlscan Pro
2606:4700:3031::6815:1937 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
Submission: On June 03 via api (June 3rd 2023, 3:31:13 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 26 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3031::6815:1937, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchsphere.com.
TLS certificate: Issued by GTS CA 1P5 on May 30th 2023. Valid for: 3 months.

This is the only time www.marchsphere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3031::6815:1937	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3030::6815:56f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	5.226.179.10 5.226.179.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
22	5.226.179.19 5.226.179.19	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2 2	104.18.193.136 104.18.193.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
2 2	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2606:4700::68... 2606:4700::6812:140a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.16.45.33 104.16.45.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.170.226 104.18.170.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	217.147.127.42 217.147.127.42	201071 (VISL-IE) (VISL-IE)
2 3	13.32.121.127 13.32.121.127	16509 (AMAZON-02) (AMAZON-02)
2 2	20.234.75.0 20.234.75.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.64.145.101 172.64.145.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.3.53 35.190.3.53	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:480... 2a02:26f0:480:25::1726:6210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
1	185.54.150.22 185.54.150.22	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	52.2.198.39 52.2.198.39	14618 (AMAZON-AES) (AMAZON-AES)
2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
74	19

11 2606:4700:3031::6815:1937 (United States)

ASN13335 (CLOUDFLARENET, US)

www.marchsphere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:56f8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.226.179.10 (United Kingdom) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.bet365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 5.226.179.19 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
members.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content001.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
extra.bet365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.193.136 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

record.revenuenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
record.eshkol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, CA)

www.bovada.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.127.232.184 (Dublin, Ireland) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media.sia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:140a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.sportsinteraction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.45.33 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.jackpotcitycasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.170.226 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.spincasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.147.127.42 (Gibraltar) 1 redirects

ASN201071 (VISL-IE, GI)
PTR: www.ic-handler.com

ic.aff-handler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.127 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-127.fra60.r.cloudfront.net

www.888casino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.888slots.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.75.0 (Dublin, Ireland) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.powerplaybet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.145.101 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powerplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.3.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.3.190.35.bc.googleusercontent.com

record.casinotropez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:25::1726:6210 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.casinotropez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xstatic.casinotropez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)

responder.wt-safetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.198.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-198-39.compute-1.amazonaws.com

pro2.webtrekk-us.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bet365.de www.bet365.de — Cisco Umbrella Rank: 395020 members.bet365.de — Cisco Umbrella Rank: 367430 content001.bet365.de — Cisco Umbrella Rank: 948818 extra.bet365.de — Cisco Umbrella Rank: 879254	434 KB
16	bovada.lv www.bovada.lv — Cisco Umbrella Rank: 54165	221 KB
11	marchsphere.com www.marchsphere.com	95 KB
8	casinotropez.com 1 redirects record.casinotropez.com www.casinotropez.com xstatic.casinotropez.com	703 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	184 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3776	267 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1866 www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
2	powerplaybet.com 2 redirects www.powerplaybet.com	1019 B
2	888slots.de 1 redirects www.888slots.de	1 KB
2	spincasino.com 1 redirects www.spincasino.com	535 B
2	jackpotcitycasino.com 1 redirects www.jackpotcitycasino.com	546 B
2	sportsinteraction.com 1 redirects www.sportsinteraction.com — Cisco Umbrella Rank: 389020	425 B
2	sia.com 2 redirects media.sia.com	1017 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 987	29 KB
1	webtrekk-us.net pro2.webtrekk-us.net — Cisco Umbrella Rank: 194474	731 B
1	wt-safetag.com responder.wt-safetag.com — Cisco Umbrella Rank: 39479	29 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 10851	2 KB
1	eshkol.com 1 redirects record.eshkol.com	547 B
1	powerplay.com www.powerplay.com
1	888casino.com 1 redirects www.888casino.com — Cisco Umbrella Rank: 203789	1 KB
1	aff-handler.com 1 redirects ic.aff-handler.com — Cisco Umbrella Rank: 462765	594 B
1	revenuenetwork.com 1 redirects record.revenuenetwork.com — Cisco Umbrella Rank: 182423	541 B
1	bet365.com 1 redirects www.bet365.com — Cisco Umbrella Rank: 59877	557 B
1	unpkg.co 1 redirects unpkg.co — Cisco Umbrella Rank: 188141	514 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	920 B
0	zeronaught.com Failed ponos.zeronaught.com Failed
74	26

	Domain	Requested by
16	www.bovada.lv	www.marchsphere.com www.bovada.lv
11	content001.bet365.de	www.bet365.de
11	www.marchsphere.com	www.marchsphere.com
9	www.bet365.de	www.marchsphere.com www.bet365.de
4	www.casinotropez.com	www.marchsphere.com www.casinotropez.com
3	xstatic.casinotropez.com	www.casinotropez.com www.googletagmanager.com www.marchsphere.com
3	www.googletagmanager.com	www.bet365.de www.googletagmanager.com www.casinotropez.com
2	pixel.sitescout.com	www.bovada.lv
2	www.powerplaybet.com	2 redirects
2	www.888slots.de	1 redirects www.marchsphere.com
2	www.spincasino.com	1 redirects www.marchsphere.com
2	www.jackpotcitycasino.com	1 redirects www.marchsphere.com
2	www.sportsinteraction.com	1 redirects www.marchsphere.com
2	media.sia.com	2 redirects
2	unpkg.com	1 redirects www.marchsphere.com
1	pro2.webtrekk-us.net
1	responder.wt-safetag.com	www.bovada.lv
1	extra.bet365.de	www.bet365.de
1	up.pixel.ad	www.bovada.lv
1	www.google-analytics.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	members.bet365.de	www.bet365.de
1	record.casinotropez.com	1 redirects
1	record.eshkol.com	1 redirects
1	www.powerplay.com	www.marchsphere.com
1	www.888casino.com	1 redirects
1	ic.aff-handler.com	1 redirects
1	record.revenuenetwork.com	1 redirects
1	www.bet365.com	1 redirects
1	unpkg.co	1 redirects
1	fonts.googleapis.com	www.marchsphere.com
0	ponos.zeronaught.com Failed	www.bet365.de
74	32

This site contains no links.

Subject Issuer	Validity	Valid
www.marchsphere.com GTS CA 1P5	`2023-05-30` - `2023-08-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
bet365.de Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.bovada.lv GlobalSign GCC R3 DV TLS CA 2020	`2023-01-05` - `2024-02-06`	a year	crt.sh
www.sportsinteraction.com DigiCert SHA2 Extended Validation Server CA	`2022-11-15` - `2023-12-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.888casino.com Amazon RSA 2048 M01	`2022-12-09` - `2024-01-07`	a year	crt.sh
powerplay.com Cloudflare Inc ECC CA-3	`2023-02-13` - `2024-02-12`	a year	crt.sh
*.casinotropez.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
*.wt-safetag.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-01` - `2023-08-17`	10 months	crt.sh
*.webtrekk-us.net Amazon RSA 2048 M01	`2022-12-22` - `2024-01-20`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
Frame ID: 3D1CA916493C84B92BABF9ACA0532C5F
Requests: 13 HTTP requests in this frame

Frame: https://www.bet365.de/olp/open-account?affiliate=365_01524730
Frame ID: A541105899F8307FAA8C929E119BF6E7
Requests: 4 HTTP requests in this frame

Frame: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622
Frame ID: 58D6284BA00DD3B136A25FE40D9CA57D
Requests: 20 HTTP requests in this frame

Frame: https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd/?btag=a_13327b_1794c_&siteid=13327
Frame ID: 3B2E8552651C15283FC3F33C77F0C00B
Requests: 1 HTTP requests in this frame

Frame: https://www.jackpotcitycasino.com/canada/
Frame ID: 9932C22949ADEEF33D068DAF6136B598
Requests: 1 HTTP requests in this frame

Frame: https://www.spincasino.com/ca/
Frame ID: 3C44F367444611F90379DC9E4CC7BCA6
Requests: 1 HTTP requests in this frame

Frame: https://www.888slots.de/?utm_campaign=100120684_1838568_nodescription&utm_content=100120684&utm_medium=casap&utm_source=aff
Frame ID: 67974A9B1DED5767D0E951E1FC913CB4
Requests: 1 HTTP requests in this frame

Frame: https://www.powerplay.com/lp/CA_1000CB_scroll/?btag=a_43174b_18875c_casino&siteid=43174
Frame ID: 89E7642038572F4B9A3F2573E6DF289C
Requests: 1 HTTP requests in this frame

Frame: https://www.casinotropez.com/
Frame ID: 8F23544414A44D027C6FC85D238AF9EB
Requests: 9 HTTP requests in this frame

Frame: https://www.bet365.de/olpc/de/75/0/1/open-account
Frame ID: 391E5309822CB641B8B2F085AB9F1B7C
Requests: 22 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01524730
Frame ID: 3E51963A1D0BE1D14210338351F933F2
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 1B43C94F73F5DC07EA1C0617F3ECDA11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spin 2 Win

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

74
Requests

97 %
HTTPS

36 %
IPv6

26
Domains

32
Subdomains

19
IPs

6
Countries

1718 kB
Transfer

3111 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.co/gsap@3/dist/gsap.min.js HTTP 302
https://unpkg.com/gsap@3/dist/gsap.min.js HTTP 302
https://unpkg.com/gsap@3.11.5/dist/gsap.min.js

Request Chain 9

https://www.bet365.com/olp/open-account?affiliate=365_01524730 HTTP 302
https://www.bet365.de/olp/open-account?affiliate=365_01524730

Request Chain 10

https://record.revenuenetwork.com/_Jw3B5ZvtpYETcJdr7u8D2mNd7ZgqdRLk/12/ HTTP 301
https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Request Chain 11

https://media.sia.com/C.ashx?btag=a_13327b_1794c_&affid=7346&siteid=13327&adid=1794&c= HTTP 302
https://media.sia.com/C.ashx?btag=a_13327b_1794c_&affid=7346&siteid=13327&adid=1794&c=&AutoR=1 HTTP 302
https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd?btag=a_13327b_1794c_&siteid=13327 HTTP 301
https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd/?btag=a_13327b_1794c_&siteid=13327

Request Chain 12

https://www.jackpotcitycasino.com/canada/?s=bfp23089&a=bfpadid168845 HTTP 301
https://www.jackpotcitycasino.com/canada/

Request Chain 13

https://www.spincasino.com/ca/?s=bfp23089&a=bfpadid168845 HTTP 301
https://www.spincasino.com/ca/

Request Chain 14

https://ic.aff-handler.com/c/48183?sr=1838568 HTTP 302
https://www.888casino.com/exclusive-mob/1500-mtp.htm?sr=1838568&mm_id=48183&utm_source=aff&utm_medium=casap&utm_content=100120684&utm_campaign=100120684_1838568_nodescription HTTP 301
https://www.888slots.de/?country=deu&isftd=false&lang=de&mm_id=48183&sr=1838568&st=1349&testdata=%7b%22queryserial%22%3a%221838568%22%2c%22mm_id%22%3a%2248183%22%2c%22utm_source%22%3a%22aff%22%2c%22utm_medium%22%3a%22casap%22%2c%22utm_content%22%3a%22100120684%22%2c%22utm_campaign%22%3a%22100120684_1838568_nodescription%22%2c%22orig-lp%22%3a%22https%3a%2f%2fwww.888casino.com%2fexclusive-mob%2f1500-mtp.htm%22%2c%22substrategy%22%3a%22CasapStrategy%22%2c%22currentvisittype%22%3a%22Paid%22%2c%22strategy%22%3a%22ValidSerialInQueryParam%22%2c%22strategysource%22%3a%22currentvisit%22%7d&utm_campaign=100120684_1838568_nodescription&utm_content=100120684&utm_medium=casap&utm_source=aff HTTP 301
https://www.888slots.de/?utm_campaign=100120684_1838568_nodescription&utm_content=100120684&utm_medium=casap&utm_source=aff

Request Chain 15

https://www.powerplaybet.com/C.ashx?btag=a_43174b_18875c_&affid=7003719&siteid=43174&adid=18875&c=casino HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43174b_18875c_&affid=7003719&siteid=43174&adid=18875&c=casino&AutoR=1 HTTP 302
https://www.powerplay.com/lp/CA_1000CB_scroll/?btag=a_43174b_18875c_casino&siteid=43174

Request Chain 16

https://record.eshkol.com/_Pdj5nw-Nc2kMJGdq9P6W22Nd7ZgqdRLk/102/ HTTP 301
https://record.casinotropez.com/?member=2217&channel=&dy_var=znmrFUsbxQ5S_15WTNMCmWNd7ZgqdRLk&dest=https://www.casinotropez.com/ HTTP 301
https://www.casinotropez.com/

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request spinner-ca-mcd0002 Show response
www.marchsphere.com/ca/ 2 KB
1 KB 354ms
128ms Document
text/html 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8c1f5faeefdbe66cf81974b0073a6fdbe2510d39e580c7ddbe96ce5e8bed56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d18fb37bf6fbbf7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD9qsZVUKSlGHRwM%2B8DDnhnx1bT7R8cuBJnpPBApH3Lz%2FQrXKtjQsOa3P9O8t3az%2Bql%2BZn2sSfUOJAgV8HuaW3xPGJdjwfNrdwgi1iv8XfioHT1xjaAOGRDACJ3zS%2FufmXkd6w5QiANl2IkyzjlgFxOW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 1 KB
920 B 143ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 14:04:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 15:31:08 GMT

GET
H2 200 style.css
www.marchsphere.com/css/ 3 KB
1 KB 124ms
122ms Stylesheet
text/css 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/css/style.css

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851062f8862a284c51e4334c1c90cc8f9ef03360585797526df27421dc729e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"fd5e1f2db08de9f784fa284d66cb19c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzGntAowO38QwIKtrLK11Cr1lHcMmkWkc%2B3LGB5U%2Fs094kYsliShv3QF%2BDj7dmzJtRvxgeuqSrUjT6x7dniquWqBUDrXANErmwkfIr2hsQP2WFqauYwAEYR%2B9Ien5gGmscOnfX3%2FYxUFAGU%2FS6fCqN2p"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d953bbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js Show response
www.marchsphere.com/js/ 99 KB
37 KB 154ms
152ms Script
application/javascript 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90bb604d350177bdb59a2f63c40778333acb92033a7054239afbd2e7868a7194

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"46c9f00f6b42073479d65b5887a52c4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FbyIdsYLfhCBsq9kMMqWKOAp9qGBitUIEQOTSNO8p76jFgOpIIXW8YwgEyi0xl5Uw2EWymNAIpbq0J0jrhIzXMgUfkz6C6iI%2BYsaLAb4J2GQDmaiVUO542mC2lJRefso%2F%2B7VVLcHWv%2BRkffgd6rTm5a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d955bbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

gsap.min.js Show response
unpkg.com/gsap@3.11.5/dist/
Redirect Chain

https://unpkg.co/gsap@3/dist/gsap.min.js
https://unpkg.com/gsap@3/dist/gsap.min.js
https://unpkg.com/gsap@3.11.5/dist/gsap.min.js

70 KB
28 KB

51ms
49ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/gsap@3.11.5/dist/gsap.min.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6738666
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GVR3MPXWXHB446FQME2Q9SSG-fra
server: cloudflare
etag: W/"116cd-D8Jjv7hfUyyPd6zCDICiriGtqIM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d18fb3adf2d90d7-FRA

Redirect headers

date: Sat, 03 Jun 2023 15:31:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H20XSK4S66FAR7RRTMP5C9XJ-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 357
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /gsap@3.11.5/dist/gsap.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7d18fb3a7ebe90d7-FRA

GET
H2 200 Draggable.min.js Show response
www.marchsphere.com/js/ 34 KB
14 KB 119ms
117ms Script
application/javascript 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/js/Draggable.min.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8ff62717f018de6fd60a74da868934ac8ce13bc5204f5d774312c03d2393fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"2cd9b62178745f506d9fc017635143c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D70uf9UQcn2ckdlq2GilIwlwszmFklT8Mro6x0%2BhIx0vZRffxfUHUNfkYVN8vS28ZArwFWmAWI4mDcs9p7f3%2FYp6RuORPbJOw%2BgenqwshkbHdkiWC1oRsDN7kPBwZ2g6gJGJ0xI0QYVNk12IGOKUI2Xd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d957bbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 InertiaPlugin.min.js Show response
www.marchsphere.com/js/ 7 KB
3 KB 149ms
147ms Script
application/javascript 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/js/InertiaPlugin.min.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55b95356a00c3771d857a4cbc47a2e61bced6840c1530ca20437c084dc2a55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"03d77157f290c03dca46cdaad89b2c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br9pi%2Bvh3A%2BcoFKrtMX1J9BR%2BV327JD7B7ybbnRccsERZX6jdypsPBbHqJMTmFwJAWFaAPxPH0Jl%2B%2FGlycwfpRexA%2FoPwkWRtE8ryjY5zMDTb0%2FmnEOXhrTtic9%2B9WnSNU%2BzY7V%2FP0%2FFaGFJSzwWTwp%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d958bbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 TextPlugin.min.js Show response
www.marchsphere.com/js/ 10 KB
4 KB 122ms
121ms Script
application/javascript 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/js/TextPlugin.min.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bb9b4fe4276aa06a908b7121104bdfcc0a374486e94b56b7d17146e02efeb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"57267fc0485718f6782cc13c334fa87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeIpNfGuBUmYLXeW6tqfVUkD7DXMs8lCwzhkngdIHkBvPKy94DPc2sKc3PgJhA%2F2zUR4Emm%2Fw%2FsgMz4EJtlMuMgSrUts2PfxmKYV8PrGisl5rJPGBkNeR95dChC2%2FX%2FVSO9WZqzwDtKpQBRVc%2BDGtWGQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d95abbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Spin2WinWheel.min.js Show response
www.marchsphere.com/js/ 11 KB
4 KB 115ms
114ms Script
application/javascript 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/js/Spin2WinWheel.min.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f442599e943e25050af27b21ed2d4aa6ae447fe5d02f0615e90e0f70043a5a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8f24a4a121624beaae08cb901df52e32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvt%2Fde%2BxPyTj6lboWhujZqflsQ9hmsvoK24BKhZYlJBDXcsgAq5Nqec03AjLA6fLJrJl8lCEuOeQJZyfuwp10nz%2FX%2FIzkjHoR%2Fjqcl2TeVR36917GwKUNbTa0FGTzCztE4Bod6DxElJbaf8wR7MMuJ1t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d95bbbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 index-mcd0002.js Show response
www.marchsphere.com/js/ 2 KB
1 KB 128ms
127ms Script
application/javascript 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/js/index-mcd0002.js

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fa333779deb19633d351315deab05658783630c8f6a62ec1b8e2ca387babe81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"189216ea10b68957eb6afcd94dbbf441"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmQuaEc8MpK6ddxj%2FTC9vtB8H2DNdHKpUSpIT7WOe3R9uQaY0XxIj8O%2BHnAJs5VhPDdqJo77jEcgedm1aJEVzpZSZMD%2FB48Y2GZyPjuJ4BIEZZ90T%2BxtIQj0wAylWDGUiaynROULlWK52T9zz%2BZK3P0z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb38d95cbbf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

open-account Show response
www.bet365.de/olp/ Frame A541
Redirect Chain

https://www.bet365.com/olp/open-account?affiliate=365_01524730
https://www.bet365.de/olp/open-account?affiliate=365_01524730

5 KB
5 KB

308ms
82ms

Document
text/html

5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olp/open-account?affiliate=365_01524730
Requested by: Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc572462159828d2f8cd3d65c944825a5616b332533e29ecb989cda018c2507

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d18fb3d4f91360f-FRA
Connection: keep-alive
Date: Sat, 03 Jun 2023 15:31:09 GMT
Server: cloudflare
ServerDetails:
Transfer-Encoding: chunked

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d18fb3b5bc23834-FRA
Connection: keep-alive
Date: Sat, 03 Jun 2023 15:31:08 GMT
Location: https://www.bet365.de/olp/open-account?affiliate=365_01524730
Server: cloudflare
ServerDetails:
Transfer-Encoding: chunked

GET
H2

200

/ Show response
www.bovada.lv/betting-offers/casino-welcome-bonus/ Frame 58D6
Redirect Chain

https://record.revenuenetwork.com/_Jw3B5ZvtpYETcJdr7u8D2mNd7ZgqdRLk/12/
https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

22 KB
7 KB

365ms
43ms

Document
text/html

163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

614de85f5ebb4b3a1fa2f4e3ae9f225b745debc71c4f32137c7b698c1eca3367

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76551
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html
date: Sat, 03 Jun 2023 15:31:09 GMT
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
strict-transport-security: max-age=16070400
via: 1.1 PSmgdfDEN1jc92:7 (W), 1.1 hx172:9 (W), 1.1 PSfgblPAR2ff185:3 (W), 1.1 PSdgflkfFRA1gi91:12 (W)
x-px: ht PSdgflkfFRA1gi91FRA
x-ws-request-id: 647b5cbd_PSdgflkfFRA1vg90_20230-4566

Redirect headers

access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate Cache-Control: no-cache
cf-cache-status: BYPASS
cf-ray: 7d18fb3f6ada995c-FRA
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:09 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ZBan

GET
H2

200

/
www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd/ Frame 3B2E
Redirect Chain

https://media.sia.com/C.ashx?btag=a_13327b_1794c_&affid=7346&siteid=13327&adid=1794&c=
https://media.sia.com/C.ashx?btag=a_13327b_1794c_&affid=7346&siteid=13327&adid=1794&c=&AutoR=1
https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd?btag=a_13327b_1794c_&siteid=13327
https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd/?btag=a_13327b_1794c_&siteid=13327

0
0

277ms
274ms

Document
text/html

2606:4700::6812:140a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd/?btag=a_13327b_1794c_&siteid=13327

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:140a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d18fb415ec918af-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:09 GMT
link: <https://static.sportsinteraction.com/packs/css/application-5a828738.chunk.css>; rel=preload; as=style; type=text/css,<https://static.sportsinteraction.com/packs/js/vendors-64b998dda6855ed412a4.chunk.js>; rel=preload; as=script; type=text/javascript,<https://static.sportsinteraction.com/packs/js/application-940115d07022212ce6fa.chunk.js>; rel=preload; as=script; type=text/javascript,<https://static.sportsinteraction.com/packs/media/fonts/LatoLatin-VF-09a9ffe5ba407bdbb3232b3ee2359d5e.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://static.sportsinteraction.com/packs/media/fonts/LatoLatin-BoldItalic-c4ee370563b519badbfffaf9295ffe2b.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://static.sportsinteraction.com/packs/media/fonts/icomoon-37cbed03bd157ec4276b9eb8302b30ea.woff>; rel=preload; as=font; type=font/woff; crossorigin=anonymous,<https://static.sportsinteraction.com/betting_menu.json>; rel=preload; as=fetch; type=application/json; crossorigin=anonymous,<https://static.sportsinteraction.com/packs/css/application-5a828738.chunk.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
sia: 2-28
status: 200 OK
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 5219fdc2-1bf5-4875-afe1-78a8a2222a94
x-runtime: 0.080122
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d18fb3f0b5d18af-FRA
content-type: text/html
date: Sat, 03 Jun 2023 15:31:09 GMT
location: https://www.sportsinteraction.com/promos/landers/acq-casino-150-1000-wd/?btag=a_13327b_1794c_&siteid=13327
server: cloudflare
sia: 1-22
vary: Accept-Encoding

GET
H2

200

/
www.jackpotcitycasino.com/canada/ Frame 9932
Redirect Chain

https://www.jackpotcitycasino.com/canada/?s=bfp23089&a=bfpadid168845
https://www.jackpotcitycasino.com/canada/

0
0

584ms
584ms

Document
text/html

104.16.45.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jackpotcitycasino.com/canada/

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.45.33 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d18fb3d2c930857-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:09 GMT
expires: -1
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7d18fb3b7a420857-FRA
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:08 GMT
location: /canada/
server: cloudflare
x-powered-by: ASP.NET

GET
H2

200

/
www.spincasino.com/ca/ Frame 3C44
Redirect Chain

https://www.spincasino.com/ca/?s=bfp23089&a=bfpadid168845
https://www.spincasino.com/ca/

0
0

554ms
554ms

Document
text/html

104.18.170.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spincasino.com/ca/

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.170.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d18fb3d2fb0bb5b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:09 GMT
expires: -1
pragma: no-cache
server: cloudflare
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7d18fb3b7d4fbb5b-FRA
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:08 GMT
location: /ca/
server: cloudflare
x-powered-by: ASP.NET

GET
H2

200

/
www.888slots.de/ Frame 6797
Redirect Chain

https://ic.aff-handler.com/c/48183?sr=1838568
https://www.888casino.com/exclusive-mob/1500-mtp.htm?sr=1838568&mm_id=48183&utm_source=aff&utm_medium=casap&utm_content=100120684&utm_campaign=100120684_1838568_nodescription
https://www.888slots.de/?country=deu&isftd=false&lang=de&mm_id=48183&sr=1838568&st=1349&testdata=%7b%22queryserial%22%3a%221838568%22%2c%22mm_id%22%3a%2248183%22%2c%22utm_source%22%3a%22aff%22%2c%2...
https://www.888slots.de/?utm_campaign=100120684_1838568_nodescription&utm_content=100120684&utm_medium=casap&utm_source=aff

0
0

281ms
281ms

Document
text/html

13.32.121.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.888slots.de/?utm_campaign=100120684_1838568_nodescription&utm_content=100120684&utm_medium=casap&utm_source=aff

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-127.fra60.r.cloudfront.net

Software

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: F8ttqhkIDoEEQ0g=
content-encoding: br
content-security-policy: frame-ancestors 'self' *.genesazrak.com *.888casinoarabic.net *.arabiccasino888.com *.casinoarabic888.com *.casinoarabic-888.com *.888-casinoarabic.com *.888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost:* https://localhost:* *.bingosys.net *.secured-igaming-usa.com *.888.pt *.sisportsbook.com *.888poker.de *.888slots.de *.safe-iplay.com *.safe-installation.com *.payoutscentral.com *.triple8holdem.com *.888.com *.secured-qa.com *.secured-registration.com *.secureutils.com *.images4us.com *.onlinepersonalmessages.com *.888sport.com *.888sport.es *.888sport.it *.888sport.dk *.888sport.ro *.888sport.se *.888sport.us *.888sport.de *.777.com *.personalinfoonline.com *.888.de *.888casino.com *.888poker.com *.888casino.dk *.888poker.dk *.888.de *.888casino.ro *.888poker.ro *.888casino.se *.888poker.se *.888casino.es *.888poker.es *.888casino.it *.888poker.it *.888casino.us *.888poker.us *.888ladies.com *.888.pt cmsp *.harrahscasino.com *.wsop.com *.delawarepark.com *.doverdowns.com *.harringtongamingonline.com *.secured-igaming-services.com *.secured-igaming-usa.com *.igaming-services.com *.888.ca *.888casino.ca *.888poker.ca *.888sport.ca *.888.nl *.888casino.nl *.888poker.nl *.888sport.nl *.ar-888-casino.com *.888casino-ar.com *.ar888-casino.com *.arab888-casino.com *.casinoelarab-888.com *.alarab-888casino.com *.casinoalarab-888.com *.888casino-alarab.com *.888casino-arabian.com *.arabian-888casino.com *.888-casino-arabian.com *.888-casino-alarab.com *.ballysdover.com *.888casino-uae.com *.playat888-games.com *.888casino-game.com *.online-arabic-casino.net *.tripleeight.live *.playat888online.com *.888games-uae.com *.triple-eight-games.com *.play-casino-now.com *.888slots-uae.com *.888-uae.com *.mrgreen.de *.mrgreen.se *.mrgreen.com *.mrgreen.dk
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 15:31:09 GMT
p3p: CP="Read our privacy policy at http://www.888.com/security-and-privacy/privacy-policy.htm"
vary: Accept-Encoding,User-Agent
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id: oPoFb22K457BoVD9GWphQgRkdp1yHrv-cDE5iNEpGLiYfkHlOZs47Q==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-wcs-correlation-id: oPoFb22K457BoVD9GWphQgRkdp1yHrv-cDE5iNEpGLiYfkHlOZs47Q==

Redirect headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: F8ttohDFjoEEJqw=
content-length: 0
date: Sat, 03 Jun 2023 15:31:09 GMT
location: https://www.888slots.de/?utm_campaign=100120684_1838568_nodescription&utm_content=100120684&utm_medium=casap&utm_source=aff
p3p: CP="Read our privacy policy at https://www.888.com/security-and-privacy/privacy-policy/"
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-id: ch1Bf8p7Fl2Idu7F3V20QT55382yy0D76pMMMLMpjAWzNG3FZpedPg==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-wcs-correlation-id: ch1Bf8p7Fl2Idu7F3V20QT55382yy0D76pMMMLMpjAWzNG3FZpedPg==

GET
H2

200

/
www.powerplay.com/lp/CA_1000CB_scroll/ Frame 89E7
Redirect Chain

https://www.powerplaybet.com/C.ashx?btag=a_43174b_18875c_&affid=7003719&siteid=43174&adid=18875&c=casino
https://www.powerplaybet.com/C.ashx?btag=a_43174b_18875c_&affid=7003719&siteid=43174&adid=18875&c=casino&AutoR=1
https://www.powerplay.com/lp/CA_1000CB_scroll/?btag=a_43174b_18875c_casino&siteid=43174

0
0

396ms
158ms

Document
text/html

172.64.145.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerplay.com/lp/CA_1000CB_scroll/?btag=a_43174b_18875c_casino&siteid=43174

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.145.101 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7d18fb3f5d97994b-FRA
content-encoding: br
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Sat, 03 Jun 2023 15:31:09 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 208
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Jun 2023 15:31:09 GMT
Location: https://www.powerplay.com/lp/CA_1000CB_scroll/?btag=a_43174b_18875c_casino&siteid=43174
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

/ Show response
www.casinotropez.com/ Frame 8F23
Redirect Chain

https://record.eshkol.com/_Pdj5nw-Nc2kMJGdq9P6W22Nd7ZgqdRLk/102/
https://record.casinotropez.com/?member=2217&channel=&dy_var=znmrFUsbxQ5S_15WTNMCmWNd7ZgqdRLk&dest=https://www.casinotropez.com/
https://www.casinotropez.com/

358 KB
77 KB

171ms
41ms

Document
text/html

2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.casinotropez.com/
Requested by: Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/mcd0002-a1388a7d-df58-4bf3-b21f-66165abc18c0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e374e87410fc9c645820164a729db28bc7673168ecfaff7ae4ae3ec76020902

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 78266
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 15:31:09 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/octet-stream
date: Sat, 03 Jun 2023 15:31:09 GMT
location: https://www.casinotropez.com/
server: openresty
via: 1.1 google

GET
H3 200 wheel_data_mcd0002.json Show response
www.marchsphere.com/ 2 KB
1 KB 112ms
112ms XHR
application/json 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/wheel_data_mcd0002.json

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/js/index-mcd0002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d261c726c2dfe20843d35e93f853e27005832380a3923ebf9be0cb0b68fe4ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"a753a8a0cbf33e06e7515a6b70f20de2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch9pY%2FuVbtdFe0YYE7%2B%2FgPVT8xcO6CX1cMFk2OPAsZNmrut%2BUozhIJwVXKfe2yf%2FkUj%2B3sA5lru1dVvUTKDVzg3PFvxZgIy%2B0YzfM4IKD8hkLoehuEWgTUug7%2FizHI2H9xo34%2BUpzDaQuVNCCUTis89y"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d18fb3b49f83720-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
www.marchsphere.com/media/ 25 KB
25 KB 159ms
158ms Image
image/png 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marchsphere.com/media/logo.png

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7163d2886f01465e2afb239c0c401a931d7ce3e682b3eaf4d3f37c7b84c6615d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25204
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "cafcb3d213396d3a4ccd1bda1f41b151"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5XmUIScd6WyoZE4%2Fb%2BllA%2FApAZZgezXcoGfDrMQXfbW6ZbiQePAeCutySx1n1QggAJwTTBDpZSsx4NBTmP3dgTuot2Apwy9MULJOVFCAeMleQSRMNspT9BCzjpRGZ0FCoEioaPhaC9nzJqXZBf75XPx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d18fb3c5bd83720-FRA

GET
H3 200 wheel_tick.mp3
www.marchsphere.com/ca/media/ 2 KB
3 KB 96ms
96ms Media
text/html 2606:4700:3031::6815:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marchsphere.com/ca/media/wheel_tick.mp3

Requested by

Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1937 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dde9ffb1573cd744a62513ffa55523f6a2b6eba17d3113fd256fae9c13df370

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pgR%2BUHZa%2FeWe%2BmEl1W2HBAo4g%2B1S%2BruJrS3NXSNGg6%2Bz3stno7G2WWmYVlUbai4z1p52jjd%2F4uLCyxc3vWKNaS4c8j2VIzcln9A%2BRBrQcSNns3PlivhfCJ3P7A0aDgyXNm4Dn70y1n%2Fqb8%2BLU5%2BzTPI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d18fb3d3d2a3720-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A541 109 KB
43 KB 224ms
47ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01524730

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fa78e2995367c5efd6d4e8e2cb611acd90d2a0cf04643b410a0af289a3ed8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43354
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK open-account Show response
www.bet365.de/olpc/de/75/0/1/ Frame 391E 47 KB
14 KB 54ms
54ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bet365.de/olpc/de/75/0/1/open-account

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01524730

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0cb3b390eba9349ee31a4eb247cca78b4b7ace278d78eff8780accadff7d28e

Security Headers

Name

Value

Content-Security-Policy

default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.de 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.de/ https://content001.bet365.de/SportsContent/ 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA=';connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA=';font-src 'self' data: 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA='; connect-src 'self' *.bet365.de

Request headers

Referer: https://www.bet365.de/olp/open-account?affiliate=365_01524730
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 12049
CF-Cache-Status: HIT
CF-RAY: 7d18fb3df8db360f-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13216
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.de 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.de/ https://content001.bet365.de/SportsContent/ 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA=';connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA=';font-src 'self' data: 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA='; connect-src 'self' *.bet365.de
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Jun 2023 15:31:09 GMT
Last-Modified: Sat, 03 Jun 2023 12:09:54 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK DefaultAff.aspx Show response
members.bet365.de/Members/Helpers/ Frame 3E51 84 B
816 B 369ms
189ms Document
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01524730
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olp/open-account?affiliate=365_01524730
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer: https://www.bet365.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d18fb3f18cf0378-FRA
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Jun 2023 15:31:09 GMT
ME-Redirect: PQB
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK FTN45__W.woff2
www.bet365.de/olpc/Content/Fonts/ Frame 391E 45 KB
45 KB 57ms
54ms Font
application/octet-stream 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/Content/Fonts/FTN45__W.woff2
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751

Request headers

Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
Origin: https://www.bet365.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: HIT
Last-Modified: Sat, 03 Jun 2023 12:08:16 GMT
Server: cloudflare
Age: 12165
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d18fb3f0acd360f-FRA
Content-Length: 45892

GET
H/1.1 200
OK olpc-styles.css
www.bet365.de/olpc/ Frame 391E 411 KB
126 KB 165ms
92ms Stylesheet
text/css 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/olpc-styles.css?v=ixN4M2NK9F29eMx3vQnLiS8_4Al7O3MWP37YOC1mzCQ1
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55432b90d51596234bde8ca5f6373e363a6e9b66485ca09a1aec1057444daf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 03 Jun 2023 07:52:05 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 7d18fb3f7b8c360f-FRA
Expires: Sun, 02 Jun 2024 07:52:05 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 391E 10 KB
4 KB 208ms
122ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938be9a666ad7c7f2d3433915964417613c1a0a3a7de7261f7f9420747f9702e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 03 Jun 2023 15:31:09 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 7d18fb3f8d7f1911-FRA
Expires: 0

GET
H/1.1 200
OK olpc-scripts.js Show response
www.bet365.de/olpc/ Frame 391E 30 KB
11 KB 138ms
52ms Script
text/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/olpc-scripts.js?v=IlMSGJN60jQn7gZ-jEIJSvS9YO9wPI0NFFPIBwc6xTM1
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7989b98fc2d7be785da753fe469d9a107e8fc3af43960ed891c01c222f81be9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 03 Jun 2023 12:14:23 GMT
Server: cloudflare
Age: 11804
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d18fb3f8ef6bb80-FRA
Content-Length: 10464
Expires: -1

GET
H/1.1 200
OK Maestro%20VisaDebit%20Mastercard.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 391E 15 KB
6 KB 201ms
90ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Maestro%20VisaDebit%20Mastercard.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:23 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7d18fb4108d49b21-FRA
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK Paysafe%20Card.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 391E 9 KB
4 KB 146ms
56ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paysafe%20Card.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 09 Sep 2021 09:14:02 GMT
Server: cloudflare
Age: 91162
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb414a9a9202-FRA
Content-Length: 3828
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK Paypal.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 391E 7 KB
3 KB 161ms
92ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 09 Sep 2021 09:13:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb41ba169b21-FRA
Content-Length: 2832
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK PayZ_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 391E 3 KB
2 KB 154ms
85ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/PayZ_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 09 May 2023 10:24:00 GMT
Server: cloudflare
ETag: W/"0a09d5e6082d91:0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7d18fb41bb459202-FRA
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK Sofort_Landingpage.svg
content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/ Frame 391E 3 KB
2 KB 175ms
89ms Image
image/svg+xml 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/FeaturesTemplate/SVG/Payment/Sofort_Landingpage.svg
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 09 May 2023 16:17:00 GMT
Server: cloudflare
ETag: W/"026e1ae9182d91:0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=432000
Connection: keep-alive
Timing-Allow-Origin: *
CF-RAY: 7d18fb41dacf1e4c-FRA
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK GordonMoody-GT-x2_Grey99.png
content001.bet365.de/SportsContent/Global/Footer/GordonMoody/ Frame 391E 5 KB
6 KB 178ms
89ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb41dda8bba3-FRA
Content-Length: 5324
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK SPORTSX1-ESSA_2.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 391E 6 KB
7 KB 97ms
74ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb41dd4bbbdf-FRA
Content-Length: 6386
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK GGL_Grey-2x.png
content001.bet365.de/SportsContent/Global/Footer/GGL/PNG/x2/ Frame 391E 2 KB
2 KB 137ms
90ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/GGL/PNG/x2/GGL_Grey-2x.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac97b0520a8964b7bbb241a4f2d43f8c473b25b2946451a0dee98d0287a6ab32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 20 Dec 2022 10:14:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb42092c905b-FRA
Content-Length: 1659
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK eCogra-Horizontal2x.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 391E 2 KB
2 KB 103ms
98ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/eCogra-Horizontal2x.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb428ee4bba3-FRA
Content-Length: 1671
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK SPORTSX2-18.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 391E 4 KB
5 KB 92ms
88ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/SPORTSX2-18.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb428e2dbbdf-FRA
Content-Length: 4400
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK bet365%20grey%20footer%20logo.png
content001.bet365.de/SportsContent/Global/Footer/ Frame 391E 8 KB
8 KB 88ms
86ms Image
image/png 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content001.bet365.de/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=432000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
CF-RAY: 7d18fb428c031e4c-FRA
Content-Length: 7868
Expires: Thu, 08 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 391E 990 B
1 KB 94ms
91ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?async
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/olpc/de/75/0/1/open-account
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa29aeaa549a9caa7c64b9139fd4585ce61e8b6956689286f253088e35f9f590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 03 Jun 2023 15:31:09 GMT
Server: cloudflare
x-bet-hop: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
CF-RAY: 7d18fb415f46360f-FRA
Expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A541 252 KB
85 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cab891d71f164d5e0725fcbb26b9abbf133398087a3c4275b8f642be8dd696c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 15:31:09 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame A541 0
244 B 156ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=45je35v0&_p=1739130857&gcs=G1-0&cid=1531798790.1685806270&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1685806269&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.de%2Folp%2Fopen-account%3Faffiliate%3D365_01524730&dt=Er%C3%B6ffnungsangebot&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 15:31:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bet365.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DesktopCreative.png
xstatic.casinotropez.com/offers/offers/assets/images/web/ Frame 8F23 235 KB
236 KB 326ms
293ms Image
image/png 2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xstatic.casinotropez.com/offers/offers/assets/images/web/DesktopCreative.png
Requested by: Host: www.casinotropez.com
URL: https://www.casinotropez.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 707359eebd042007ecf2cc74bae1d551faa039d420650f076582bae6aa767984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casinotropez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
last-modified: Tue, 16 May 2023 08:47:33 GMT
etag: "64634325-3ac71"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 240753
expires: Sat, 10 Jun 2023 15:31:09 GMT

GET
H2 200 LiveCasino.jpg
www.casinotropez.com/offers/assets/images/web/ Frame 8F23 47 KB
48 KB 125ms
121ms Image
image/jpeg 2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.casinotropez.com/offers/assets/images/web/LiveCasino.jpg
Requested by: Host: www.casinotropez.com
URL: https://www.casinotropez.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4a43c8eef1312b5121c86145c6c71d317ec36ce115beb05b566633a720665fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casinotropez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
last-modified: Thu, 01 Jun 2023 12:20:30 GMT
server: nginx
etag: "64788d0e-bd58"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 48472
expires: Sat, 10 Jun 2023 15:31:09 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8F23 152 KB
56 KB 59ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4L38P

Requested by

Host: www.casinotropez.com
URL: https://www.casinotropez.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

414b503374b2c0cfdc0fee19b6cd3dafc3088c3dd2c045eeac9125cd88864a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casinotropez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57487
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 15:31:09 GMT

GET
H2 206 aog-of-gods.webm
www.casinotropez.com/offers/assets/images/web/ Frame 8F23 251 KB
252 KB 44ms
44ms Media
video/webm 2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.casinotropez.com/offers/assets/images/web/aog-of-gods.webm
Requested by: Host: www.casinotropez.com
URL: https://www.casinotropez.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 14144d3ea531e950a4470cb3afedf24e66c62bb779136e5b1800c363c6bf6dc2

Request headers

Referer: https://www.casinotropez.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
last-modified: Thu, 01 Jun 2023 12:20:30 GMT
server: nginx
etag: "64788d0e-3eb06"
content-type: video/webm
Content-Range: bytes 0-256773/256774
cache-control: public, max-age=600
accept-ranges: bytes
Content-Length: 256774
expires: Sat, 03 Jun 2023 15:41:09 GMT

GET
H2 206 premium-roulette.webm
www.casinotropez.com/offers/assets/images/web/ Frame 8F23 76 KB
76 KB 105ms
104ms Media
video/webm 2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.casinotropez.com/offers/assets/images/web/premium-roulette.webm
Requested by: Host: www.casinotropez.com
URL: https://www.casinotropez.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4c88d9696a320e579f9572eea63ccc2b3a661fae72ccfe9870ac43da80f4467

Request headers

Referer: https://www.casinotropez.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
last-modified: Thu, 01 Jun 2023 12:20:30 GMT
server: nginx
etag: "64788d0e-13036"
content-type: video/webm
Content-Range: bytes 0-77877/77878
cache-control: public, max-age=600
accept-ranges: bytes
Content-Length: 77878
expires: Sat, 03 Jun 2023 15:41:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8F23 51 KB
21 KB 184ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4L38P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casinotropez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 14:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3342
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 16:35:27 GMT

GET
H2 200 gdpr-cookies.min.js Show response
xstatic.casinotropez.com/utils/api-login/media/js/ Frame 8F23 27 KB
9 KB 103ms
40ms Script
application/javascript 2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xstatic.casinotropez.com/utils/api-login/media/js/gdpr-cookies.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4L38P
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: b2a88ce6f9cf2ec794278ade62ee8b9d14f755a95f54027e1269e380f889cb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casinotropez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
content-encoding: gzip
content-length: 8515
last-modified: Mon, 20 Jan 2020 14:18:47 GMT
server: Apache
etag: "6ab5-59c92f837d7ef-gzip"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: private, max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 10 Jun 2023 15:31:09 GMT

GET
H2 200 mts.min.js Show response
xstatic.casinotropez.com/utils/api-login/media/js/ Frame 8F23 17 KB
6 KB 100ms
38ms Script
application/javascript 2a02:26f0:480:25::1726:6210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xstatic.casinotropez.com/utils/api-login/media/js/mts.min.js
Requested by: Host: www.marchsphere.com
URL: https://www.marchsphere.com/ca/spinner-ca-mcd0002?zone=23456
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 50576baf213044ecb44efd95de27bf52e18ca9a17895cf2650a781744c2b1540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casinotropez.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
content-encoding: gzip
content-length: 5678
last-modified: Mon, 14 Mar 2022 10:46:00 GMT
server: Apache
etag: "44d7-5da2b62d5bc94-gzip"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: private, max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 10 Jun 2023 15:31:09 GMT

GET
H/1.1 200
OK ProductCommon_v1.js Show response
www.bet365.de/members/services/host/Scripts/js/ Frame 391E 308 KB
178 KB 94ms
54ms Script
application/javascript 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMA04YGIAQAASq0pcB5Enx20surPWOZYqJAAz2Baqo_HlMmEd_hAB5tkW5id&PIRXTcSdwp--z=q
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8fb2395d5576c992c88c029a09527c918c14c77c6299c9025f9b395982c7513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:09 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 03 Jun 2023 15:30:00 GMT
Server: cloudflare
x-bet-hop: 1
Age: 69
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
CF-RAY: 7d18fb4258e2360f-FRA

GET
H2 200 styles.css
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/css/ Frame 58D6 5 KB
2 KB 45ms
44ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/css/styles.css?v=2

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e448679f796dc4f93e2469d6b841742397ebd47995d7dc72329e6e99dcc625a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:09 GMT
content-encoding: gzip
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
via: 1.1 PSmgdfDEN1jc92:9 (W), 1.1 hx171:0 (W), 1.1 kf230:0 (W), 1.1 PSdgflkfFRA1vg90:7 (W)
server: PWS/8.3.1.0.8
age: 20358
x-ws-request-id: 647b5cbd_PSdgflkfFRA1vg90_20230-4574
content-type: text/css
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1vg90FRA
accept-ranges: bytes

GET
H2 200 up.js Show response
up.pixel.ad/assets/ Frame 58D6 3 KB
2 KB 140ms
40ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 460439
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: a3af1991fef547a25ef7a2c853eda520

GET
H2 200 bvd-logo.png
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 1 KB
2 KB 49ms
42ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/bvd-logo.png

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

5b20e76d611c95a36823a7d9e6a1d2bb33186646795dba7e781e706d351dd768

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-01cry236:6 (W), 1.1 PS-YUL-01DBW97:1 (W), 1.1 kf230:3 (W), 1.1 PSdgflkfFRA1gi91:19 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4609
content-type: image/png
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 1316

GET
H2 200 hero-logos.png
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 6 KB
7 KB 50ms
43ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/hero-logos.png

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

74b4bed0666945f038b0426cbb17acfda3f128b016e624a85e46b9d3eb47bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-04vIR146:9 (W), 1.1 PS-YUL-01SRZ95:8 (W), 1.1 PSdgflkfFRA1ox201:13 (W), 1.1 PSdgflkfFRA1je97:10 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4610
content-type: image/png
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1je97FRA
accept-ranges: bytes
content-length: 6300

GET
H2 200 LP-Desktop-Casino.jpg
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 31 KB
31 KB 89ms
83ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/LP-Desktop-Casino.jpg

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

794d9ac972b608c40be8e1fdcaf4c992113ed878b534412e511b8fd791dc23b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-04vIR146:9 (W), 1.1 PS-YUL-01Ge696:9 (W), 1.1 PSdgflkfFRA1ox201:10 (W), 1.1 PSdgflkfFRA1gi91:7 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4611
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 31515

GET
H2 200 mobile-img.png
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 46 KB
47 KB 54ms
47ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/mobile-img.png

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

ceee4b9cfd7e6168e374009f8f4179f34cbacd12e3b1544ecf703f494b6b5c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PSmgdfDEN1ka90:10 (W), 1.1 hx171:8 (W), 1.1 PSdgflkfFRA1ox201:1 (W), 1.1 PSdgflkfFRA1je97:2 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4612
content-type: image/png
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1je97FRA
accept-ranges: bytes
content-length: 47515

GET
H2 200 refer-img.jpg
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 32 KB
32 KB 130ms
123ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/refer-img.jpg

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

5f2eb09def15481d267ebaf76e148b4b1daefdc18856ad289cc728381f4ff6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-04vIR146:9 (W), 1.1 PS-YUL-01DBW97:6 (W), 1.1 PSfgblPAR2gc184:8 (W), 1.1 PSdgflkfFRA1gi91:1 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4613
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 32552

GET
H2 200 community-img.jpg
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 43 KB
43 KB 131ms
125ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/community-img.jpg

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

25f1e0092c988035d49953b22f6c0b86b9b350fdbef9074394665573cc928506

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-04vIR146:9 (W), 1.1 PS-YUL-01SRZ95:8 (W), 1.1 PSfgblPAR2gc184:5 (W), 1.1 PSdgflkfFRA1je97:22 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4614
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1je97FRA
accept-ranges: bytes
content-length: 43821

GET
H2 200 LP-Desktop-Trust.jpg
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 26 KB
26 KB 95ms
90ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/LP-Desktop-Trust.jpg

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a9dc6567d5dc496ba9da73f394fb337041db8c57adbad8dafe2e56b0f36e4548

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PSmgdfDEN1ka90:10 (W), 1.1 hx171:4 (W), 1.1 PSfgblPAR2ff185:1 (W), 1.1 PSdgflkfFRA1gi91:10 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63963
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4615
content-type: image/jpeg
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 26578

GET
H2 200 footer-logos.png
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 17 KB
17 KB 104ms
99ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/footer-logos.png

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

be8a6da2cf07665397188fbcaeded03952a778847bac563f356bcc36d2a6a8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PSmgdfDEN1ka90:10 (W), 1.1 hx171:0 (W), 1.1 PSfgblPAR2rt183:8 (W), 1.1 PSdgflkfFRA1je97:20 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63962
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4616
content-type: image/png
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1je97FRA
accept-ranges: bytes
content-length: 17156

GET
H2 200 devices.png
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 390 B
852 B 130ms
125ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/devices.png

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

d6cffdfae79d7064d5b24a81071405a18994e7b14ead475997ba37cb7abbc83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-04vIR146:9 (W), 1.1 PS-YUL-01Ge696:10 (W), 1.1 PSfgblPAR2ff185:1 (W), 1.1 PSdgflkfFRA1vg90:0 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 63962
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4617
content-type: image/png
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1vg90FRA
accept-ranges: bytes
content-length: 390

GET
H2 200 os.png
www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/ Frame 58D6 525 B
985 B 131ms
126ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/betting-offers/casino-welcome-bonus/assets/img/os.png

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a4c8853466f4909e4ee580429592c56b553fcc02f4bc74dce30b79b1157226e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
via: 1.1 PS-IAD-049Jq145:1 (W), 1.1 PS-YUL-01DBW97:0 (W), 1.1 PSfgblPAR2gc184:4 (W), 1.1 PSdgflkfFRA1gi91:8 (W)
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8
age: 57909
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4621
content-type: image/png
cache-control: max-age=604800
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 525

GET
H2 200 vergicLoader.js Show response
www.bovada.lv/assets/js/ Frame 58D6 401 B
732 B 41ms
41ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/vergicLoader.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6a31898ab21f56bdf0e2d6bef6c80c13e8fe8d476fab999babeb590cd3975a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
content-encoding: gzip
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
via: 1.1 PSmgdfDEN1jc92:3 (W), 1.1 hx172:0 (W), 1.1 PSfgblPAR2rt183:4 (W), 1.1 PSdgflkfFRA1gi91:22 (W)
server: PWS/8.3.1.0.8
age: 75097
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4579
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 236

GET
H2 200 browserStorage.js Show response
www.bovada.lv/assets/js/ Frame 58D6 4 KB
2 KB 45ms
40ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/browserStorage.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0702386006370b5e24d921102cb8e86702fef984220270b982f7de10a615c1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
content-encoding: gzip
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
via: 1.1 PS-IAD-04vIR146:10 (W), 1.1 PS-YUL-01SRZ95:7 (W), 1.1 PSfgblPAR2gc184:2 (W), 1.1 PSdgflkfFRA1je97:8 (W)
server: PWS/8.3.1.0.8
age: 75097
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4601
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1je97FRA
accept-ranges: bytes
content-length: 1080

GET
H2 200 affiliate.js Show response
www.bovada.lv/assets/js/ Frame 58D6 753 B
886 B 46ms
41ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/affiliate.js?version=2

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

33c1aa99ddbcab0986d8fee7581dd0c944db0bb6b2d627e909fed75e4dd71244

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
content-encoding: gzip
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
via: 1.1 PS-IAD-04vIR146:6 (W), 1.1 PS-YUL-01DBW97:1 (W), 1.1 PSfgblPAR2gc184:3 (W), 1.1 PSdgflkfFRA1gi91:10 (W)
server: PWS/8.3.1.0.8
age: 75097
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4602
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 380

GET
H2 200 webtrekk.js Show response
www.bovada.lv/assets/js/ Frame 58D6 2 KB
1 KB 47ms
39ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/webtrekk.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

8f76a8ddf3563eaf57da8efea384b24fcdde1fcee8c8617f8a9ecda4e74db095

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:31:10 GMT
content-encoding: gzip
referrer-policy: strict-origin
strict-transport-security: max-age=16070400
via: 1.1 PSmgdfDEN1jc92:7 (W), 1.1 hx172:8 (W), 1.1 PSdgflkfFRA1hb199:3 (W), 1.1 PSdgflkfFRA1gi91:2 (W)
server: PWS/8.3.1.0.8
age: 75097
x-ws-request-id: 647b5cbe_PSdgflkfFRA1vg90_20230-4606
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1gi91FRA
accept-ranges: bytes
content-length: 636

GET 1
ponos.zeronaught.com/ Frame 391E 0
0

GET
H/1.1 200
OK ServerTime Show response
extra.bet365.de/ Frame 391E 261 B
1 KB 253ms
136ms XHR
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://extra.bet365.de/ServerTime

Requested by

Host: www.bet365.de
URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a3d93ff8f8865ca315bba8f4e8c3a4d930ba80156a5c7432bee9555d2d3895

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' *.bet365.de
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:10 GMT
Content-Encoding: gzip
Content-Security-Policy: connect-src 'self' *.bet365.de
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
CF-RAY: 7d18fb444cc89022-FRA
Content-Length: 265

POST
H/1.1 200
OK cookieconsentajax Show response
www.bet365.de/olpc/de/75/0/1/ Frame 391E 4 KB
2 KB 87ms
87ms XHR
text/html 5.226.179.19
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet365.de/olpc/de/75/0/1/cookieconsentajax?
Requested by: Host: www.bet365.de
URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9b73c17d058cc010a1d219288918ca6d3e04cddcc7eb76b68fa1b3b5f21e0ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bet365.de/olpc/de/75/0/1/open-account
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:10 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
CF-RAY: 7d18fb439af1360f-FRA
Content-Length: 1468

GET
DATA 200
OK truncated
/ Frame 391E 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 660499503695122 Show response
responder.wt-safetag.com/resp/api/get/ Frame 58D6 101 KB
29 KB 205ms
40ms Script
text/javascript 185.54.150.22
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://responder.wt-safetag.com/resp/api/get/660499503695122?url=https%3A%2F%2Fwww.bovada.lv%2Fbetting-offers%2Fcasino-welcome-bonus%2F%3Freferral%3DMDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk%26affid%3D29622&v=5
Requested by: Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/webtrekk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.22 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: df63963f2f84a687b25197a26130ba7636b23134c94a9ecd786c632401a3a396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 15:31:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Mar 2023 15:35:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age: 0, must-revalidate
Connection: keep-alive

GET
H/1.1 200 wt
pro2.webtrekk-us.net/205099820688534/ Frame 58D6 43 B
731 B 581ms
117ms Image
image/gif 52.2.198.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pro2.webtrekk-us.net/205099820688534/wt?p=527,BVD%3Abetting-offers%3Acasino-welcome-bonus%3A,1,1600x1200,24,1,1685806270880,0,0x0,0&la=en&mc=wt_mc%253D.....29622.&cp3=BVD&cp6=https%3A%2F%2Fwww.bovada.lv%2Fbetting-offers%2Fcasino-welcome-bonus%2F%3Freferral%3DMDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk%26affid%3D29622&np=&pu=https%3A%2F%2Fwww.bovada.lv%2Fbetting-offers%2Fcasino-welcome-bonus%2F%3Freferral%3DMDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk%26affid%3D29622
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.198.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-198-39.compute-1.amazonaws.com
Software: 577bcc91 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 15:31:11 GMT
Last-Modified: Sat, 03 Jun 2023 15:31:11 GMT
Server: 577bcc91
Content-Type: image/gif;charset=UTF-8
P3P: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow, noarchive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1B43 0
0 134ms
41ms Document
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.bovada.lv
URL: https://www.bovada.lv/betting-offers/casino-welcome-bonus/?referral=MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk&affid=29622
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://www.bovada.lv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Sat, 03 Jun 2023 15:31:10 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 7f538bf31eb8819f
pixel.sitescout.com/up/ Frame 58D6 43 B
267 B 135ms
42ms Image
image/gif 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/7f538bf31eb8819f?cntr_url=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 15:31:10 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ponos.zeronaught.com
URL: https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A_ZE4oGIAQAAi86xkFNz_8Zl8lAotNGhnUXmGLncGvYIwFie2zxI-FmVBujaAVD_B2WuchRAwH8AAEB3AAAAAA==&c=-583944288

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pro2.webtrekk-us.net/205099820688534	1970-01-20 16:35:58	Name: wteid_205099820688534 Value: 4168580627100359326
pro2.webtrekk-us.net/205099820688534	1969-12-31 23:59:59	Name: wtsid_205099820688534 Value: 1
www.marchsphere.com/	1970-01-20 12:16:57	Name: hotstats Value: b6a78393-1b9c-8bc9-d33a-48dfa89f0dae
.bet365.com/	1970-01-20 12:16:48	Name: __cf_bm Value: iV4Htu8f5i.y6wz3zh_1xUTnEIZ5ALCnFTmD_I69s6U-1685806268-0-AaKxULoPmunRjCrAWng1UqeVk6ebWBH3n7zTIrlTWJode1ajG0fOLtKHGlOMKGS0PSY64QrYiCH4ybsBrNk0ENA=
ic.aff-handler.com/	1970-01-20 12:59:58	Name: uffiliate_click_48183_1838568_ Value: uffiliate_click_48183_1838568_
record.eshkol.com/	1970-01-20 21:03:48	Name: VID1 Value: KSwzKFQsUzxVLCM0UgpgCg%3D%3D
.eshkol.com/	1970-01-20 21:03:48	Name: ZBan Value: znmrFUsbxQ5S_15WTNMCmWNd7ZgqdRLk
.jackpotcitycasino.com/	1970-01-20 12:16:48	Name: __cf_bm Value: T9VStDgILeaVA9Vp4ROl2H1EzdCOBZ0UA0DfBwXhUz0-1685806268-0-ARuXrrsOQrAqBYbbpXcS790+TVXy72kaQH2TJz3toEUIW5xXYnyfzZkEHQ2MbB2tvxxfBfr+fTFAqUG43xTpdiA=
.spincasino.com/	1970-01-20 12:16:48	Name: __cf_bm Value: rRIblpDAOzsdFcjB6A7a7qae67bOAlYqdZJIASthB54-1685806268-0-AQ0+DTpa46gSNI7uXc77RM8pwJ9BXl+kGm2Y+ahJLueYB5HfrVPSYrISjNplYtq/pO13NbE6q0u89lIDbsJYdjg=
.bet365.de/	1970-01-20 12:16:48	Name: __cf_bm Value: oDDWtu9P2_Sm4_ZlOsb71nL1VeLd4ONbNV.1sLbwhuE-1685806269-0-AUk269wetQYI4YnIHTQfGBldHxdwRyOjcMU1X/3VmvntFK5McBIaGSd1PvWSck54mW4Xnvsy3To09WzqcRtim3M=
.888casino.com/	1970-01-20 12:16:47	Name: 888Attribution Value: 1
.888casino.com/	1970-01-20 12:26:51	Name: 888Cookie Value: isftd%3Dfalse%26isreal%3Dfalse%26lang%3Dde%26OSR%3D1838568
.bet365.de/	1970-01-20 13:21:34	Name: Affiliates Value: Code=365_01524730%2f179678341763&prd=Sports
members.bet365.de/	1969-12-31 23:59:59	Name: session Value: processform=0
.bet365.de/	1969-12-31 23:59:59	Name: pstk Value: 4A4E47871E783315ADCA9692537D3043000003
www.powerplay.com/	1969-12-31 23:59:59	Name: SERVERID Value: tc-app1\|ZHtcw\|ZHtcw
.www.powerplay.com/	1970-01-20 12:16:48	Name: __cf_bm Value: gA2SQxd4y8rg.AOOoTrmA24v4GEW7kHwRxTjwqhOF6o-1685806269-0-ASAQNQwe1RMkFBkQ5KYX5cLICJtZQ6ohO5ny+taWzuXJMl5FYRladIRu7LAKnn9rWuvVcEDBT+L6Kh2gNPqnwGIB4H/60VytB0uiBJACPohi
.888slots.de/	1970-01-20 12:16:47	Name: 888Attribution Value: 1
.888slots.de/	1970-01-20 12:26:51	Name: 888Cookie Value: isftd%3Dfalse%26isreal%3Dfalse%26lang%3Dde%26OSR%3D1838568%26queryCountry%3Ddeu%26st%3D1349
record.revenuenetwork.com/	1970-01-20 21:03:48	Name: VID1 Value: KS4zQFMsM0BZLSNAVwpgCg%3D%3D
.revenuenetwork.com/	1970-01-20 21:03:48	Name: ZBan Value: MDIAAaryDafgWIPqGlQwhGNd7ZgqdRLk
.sportsinteraction.com/	1970-01-20 12:16:48	Name: __cf_bm Value: vaxAueSNMr6yU5C1X7iCYugfAudHauOYksLe4uSsdXk-1685806269-0-AcrFO/K8Dctk66p6FmzqcJ8KxAJ0VrIzFp3jYRiXZfvA/ZePFUuWMMclcbo5eZxITdM7cMVj/mDCn4iit97jYJw=
.www.sportsinteraction.com/	1970-01-20 12:16:53	Name: __sia_session Value: hvS1uE78OxMhfwJzijfzBuHUrurvxvgV0hSQulnD4m5uE9sj8lTt36kwzskLiB282ibyXDogLBQs9l%2FPHWE%2BOULMxVH4ux1fQ4FIuNmZ5UdXqGck%2Fbd2bnwbARJztnDqNBfyR9qD2%2BDxImXQvXUqbqfQDnHvQ0RwK4cNINI7dq9sksAuyCfuQ9U4eI%2BBl3pHK76HgAmsw8smhIWyL%2B4OwGq2oeFNwdKBgWCTf0wIT83roIkctFzkMnye2c1KHQRiN9%2BLXkm9SrLyONiWm%2F7Gg8cTGFLzbMh2IiUlAk5xWIfdpag3artB6t5ag9eOrmT%2B1EW1h2Xh%2B9GtdVCyIjV70RrWeqcoBA%2FiVI3x1f0YvDouELSiYBPHh0VvodQAHAJE6pVkxCUb7StOVAgOJoMflCWxwVBWTLndh5PAXR%2Ffi4pcXmfxP2LrwMN1kHtniNrDY5zHZZr5Wfg45nzchYENAXbrm7Cd3xdLKAwNYSENtMb3SklDryALRlBo0Ie4tJk9GpqOGnbgPWoqkcxM1FLX9xnX4kIeuX0PhDY9AzLGlYnYIkwD3HxWhVKZAOEHQcNRAUwt%2FfToSIr7U7RebldbpkW234C0rUZj498L3IV6xcJiMUZORMkGzDDY%2FSD60JI0drWrskJJ6bLt8KDRQqqg0USRQO6lJuobdlw1oPHPWb2nouIKVpOMcSf3bwV%2Fql1xX9HLV%2B2zDFsmTZF6eFdSmN63VYdEz%2BAPYRMR%2F1WKMLJ0zuHtxBxCQ0zZ%2BL9YJLVUDydCWU37f9wwHN5lFvGPiO8qYbNjpidYl%2BRBDsl8GgToQV6UfVYccKC1P2AP5gjR97yLo5fSI4zO8ZVAuajO0oBEXdz05RZYM96QMKMmND9CReCRR%2Bbx%2FmR6EOEyxJSU4aKz2XwL31DnNXaD9%2FM5KaSs9G3zC8AlyOUqKChtD7hYoBNDadxsyadC%2FvZXhuE%3D--jMX7SDCZFy0%2BZrCW--zzUnWUkb615dBapxMZ1LjA%3D%3D

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.powerplay.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.spincasino.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.jackpotcitycasino.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security	error	Message: Refused to frame 'https://www.888slots.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' .genesazrak.com .888casinoarabic.net .arabiccasino888.com .casinoarabic888.com .casinoarabic-888.com .888-casinoarabic.com .888casino-arabic.com http://wrapper.safe-installation.com/ https://wrapper.safe-installation.com/ http://localhost: https://localhost:* .bingosys.net .secured-igaming-usa.com .888.pt .sisportsbook.com .888poker.de .888slots.de .safe-iplay.com .safe-installation.com .payoutscentral.com .triple8holdem.com .888.com .secured-qa.com .secured-registration.com .secureutils.com .images4us.com .onlinepersonalmessages.com .888sport.com .888sport.es .888sport.it .888sport.dk .888sport.ro .888sport.se .888sport.us .888sport.de .777.com .personalinfoonline.com .888.de .888casino.com .888poker.com .888casino.dk .888poker.dk .888.de .888casino.ro .888poker.ro .888casino.se .888poker.se .888casino.es .888poker.es .888casino.it .888poker.it .888casino.us .888poker.us .888ladies.com .888.pt cmsp .harrahscasino.com .wsop.com .delawarepark.com .doverdowns.com .harringtongamingonline.com .secured-igaming-services.com .secured-igaming-usa.com .igaming-services.com .888.ca .888casino.ca .888poker.ca .888sport.ca .888.nl .888casino.nl .888poker.nl .888sport.nl .ar-888-casino.com .888casino-ar.com .ar888-casino.com .arab888-casino.com .casinoelarab-888.com .alarab-888casino.com .casinoalarab-888.com .888casino-alarab.com .888casino-arabian.com .arabian-888casino.com .888-casino-arabian.com .888-casino-alarab.com .ballysdover.com .888casino-uae.com .playat888-games.com .888casino-game.com .online-arabic-casino.net .tripleeight.live .playat888online.com .888games-uae.com .triple-eight-games.com .play-casino-now.com .888slots-uae.com .888-uae.com .mrgreen.de .mrgreen.se .mrgreen.com .mrgreen.dk".
security	error	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js Message: Refused to connect to 'https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A_ZE4oGIAQAAi86xkFNz_8Zl8lAotNGhnUXmGLncGvYIwFie2zxI-FmVBujaAVD_B2WuchRAwH8AAEB3AAAAAA==&c=-583944288' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com http://members.bet365.de https://extra.bet365.de 'nonce-PFU4p6tPXsl1dd0oSFwT9llEBbfmTWQDwB/Vn/RGcpA='".
security	error	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js Message: Refused to connect to 'https://ponos.zeronaught.com/1?a=4f1b553bcbb102293b80294fd10f29372b6a27ce&b=A_ZE4oGIAQAAi86xkFNz_8Zl8lAotNGhnUXmGLncGvYIwFie2zxI-FmVBujaAVD_B2WuchRAwH8AAEB3AAAAAA==&c=-583944288' because it violates the following Content Security Policy directive: "connect-src 'self' *.bet365.de".
javascript	warning	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMA04YGIAQAASq0pcB5Enx20surPWOZYqJAAz2Baqo_HlMmEd_hAB5tkW5id&PIRXTcSdwp--z=q Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.sportsinteraction.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
rendering	warning	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMA04YGIAQAASq0pcB5Enx20surPWOZYqJAAz2Baqo_HlMmEd_hAB5tkW5id&PIRXTcSdwp--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security	error	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMA04YGIAQAASq0pcB5Enx20surPWOZYqJAAz2Baqo_HlMmEd_hAB5tkW5id&PIRXTcSdwp--z=q Message: Refused to create a worker from 'blob:https://www.bet365.de/0abcc6ae-e277-4b17-90ae-15abccc6459a' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.googletagmanager.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
rendering	warning	URL: https://www.bet365.de/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMA04YGIAQAASq0pcB5Enx20surPWOZYqJAAz2Baqo_HlMmEd_hAB5tkW5id&PIRXTcSdwp--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content001.bet365.de
extra.bet365.de
fonts.googleapis.com
ic.aff-handler.com
media.sia.com
members.bet365.de
pixel.sitescout.com
ponos.zeronaught.com
pro2.webtrekk-us.net
record.casinotropez.com
record.eshkol.com
record.revenuenetwork.com
region1.google-analytics.com
responder.wt-safetag.com
unpkg.co
unpkg.com
up.pixel.ad
www.888casino.com
www.888slots.de
www.bet365.com
www.bet365.de
www.bovada.lv
www.casinotropez.com
www.google-analytics.com
www.googletagmanager.com
www.jackpotcitycasino.com
www.marchsphere.com
www.powerplay.com
www.powerplaybet.com
www.spincasino.com
www.sportsinteraction.com
xstatic.casinotropez.com
ponos.zeronaught.com
104.16.45.33
104.18.170.226
104.18.193.136
13.32.121.127
163.171.128.148
172.64.145.101
178.79.242.16
185.54.150.22
20.234.75.0
2001:4860:4802:34::36
217.147.127.42
2606:4700:3030::6815:56f8
2606:4700:3031::6815:1937
2606:4700::6810:7eaf
2606:4700::6812:140a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2008
2a00:1450:4001:828::200a
2a02:26f0:480:25::1726:6210
35.190.3.53
40.127.232.184
5.226.179.10
5.226.179.19
52.2.198.39
98.98.134.241
0702386006370b5e24d921102cb8e86702fef984220270b982f7de10a615c1a3
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
135832e5ea5d35dc1208592b56db63803045436048dbeb3465b349475a5efaf8
14144d3ea531e950a4470cb3afedf24e66c62bb779136e5b1800c363c6bf6dc2
19bb9b4fe4276aa06a908b7121104bdfcc0a374486e94b56b7d17146e02efeb0
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
25f1e0092c988035d49953b22f6c0b86b9b350fdbef9074394665573cc928506
33c1aa99ddbcab0986d8fee7581dd0c944db0bb6b2d627e909fed75e4dd71244
367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51
3a180b1a5fb5fc655217e4a263ddd163f352f9a5d286975555a6750b3517324f
3fa333779deb19633d351315deab05658783630c8f6a62ec1b8e2ca387babe81
414b503374b2c0cfdc0fee19b6cd3dafc3088c3dd2c045eeac9125cd88864a26
4a43c8eef1312b5121c86145c6c71d317ec36ce115beb05b566633a720665fa9
50576baf213044ecb44efd95de27bf52e18ca9a17895cf2650a781744c2b1540
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55432b90d51596234bde8ca5f6373e363a6e9b66485ca09a1aec1057444daf8e
5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
5b20e76d611c95a36823a7d9e6a1d2bb33186646795dba7e781e706d351dd768
5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe
5f2eb09def15481d267ebaf76e148b4b1daefdc18856ad289cc728381f4ff6b2
614de85f5ebb4b3a1fa2f4e3ae9f225b745debc71c4f32137c7b698c1eca3367
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
6a31898ab21f56bdf0e2d6bef6c80c13e8fe8d476fab999babeb590cd3975a7c
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
6e374e87410fc9c645820164a729db28bc7673168ecfaff7ae4ae3ec76020902
6fa78e2995367c5efd6d4e8e2cb611acd90d2a0cf04643b410a0af289a3ed8e3
707359eebd042007ecf2cc74bae1d551faa039d420650f076582bae6aa767984
7163d2886f01465e2afb239c0c401a931d7ce3e682b3eaf4d3f37c7b84c6615d
74b4bed0666945f038b0426cbb17acfda3f128b016e624a85e46b9d3eb47bdbf
794d9ac972b608c40be8e1fdcaf4c992113ed878b534412e511b8fd791dc23b7
851062f8862a284c51e4334c1c90cc8f9ef03360585797526df27421dc729e45
8dde9ffb1573cd744a62513ffa55523f6a2b6eba17d3113fd256fae9c13df370
8f76a8ddf3563eaf57da8efea384b24fcdde1fcee8c8617f8a9ecda4e74db095
90bb604d350177bdb59a2f63c40778333acb92033a7054239afbd2e7868a7194
938be9a666ad7c7f2d3433915964417613c1a0a3a7de7261f7f9420747f9702e
94a3d93ff8f8865ca315bba8f4e8c3a4d930ba80156a5c7432bee9555d2d3895
9fc572462159828d2f8cd3d65c944825a5616b332533e29ecb989cda018c2507
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4c8853466f4909e4ee580429592c56b553fcc02f4bc74dce30b79b1157226e6
a9dc6567d5dc496ba9da73f394fb337041db8c57adbad8dafe2e56b0f36e4548
aa29aeaa549a9caa7c64b9139fd4585ce61e8b6956689286f253088e35f9f590
ac97b0520a8964b7bbb241a4f2d43f8c473b25b2946451a0dee98d0287a6ab32
b0cb3b390eba9349ee31a4eb247cca78b4b7ace278d78eff8780accadff7d28e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
b2a88ce6f9cf2ec794278ade62ee8b9d14f755a95f54027e1269e380f889cb01
b8ff62717f018de6fd60a74da868934ac8ce13bc5204f5d774312c03d2393fd5
be8a6da2cf07665397188fbcaeded03952a778847bac563f356bcc36d2a6a8a8
c4c88d9696a320e579f9572eea63ccc2b3a661fae72ccfe9870ac43da80f4467
c7989b98fc2d7be785da753fe469d9a107e8fc3af43960ed891c01c222f81be9
c8fb2395d5576c992c88c029a09527c918c14c77c6299c9025f9b395982c7513
cab891d71f164d5e0725fcbb26b9abbf133398087a3c4275b8f642be8dd696c3
ceee4b9cfd7e6168e374009f8f4179f34cbacd12e3b1544ecf703f494b6b5c7d
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
d261c726c2dfe20843d35e93f853e27005832380a3923ebf9be0cb0b68fe4ae4
d6cffdfae79d7064d5b24a81071405a18994e7b14ead475997ba37cb7abbc83a
d8c1f5faeefdbe66cf81974b0073a6fdbe2510d39e580c7ddbe96ce5e8bed56c
d9b73c17d058cc010a1d219288918ca6d3e04cddcc7eb76b68fa1b3b5f21e0ec
df63963f2f84a687b25197a26130ba7636b23134c94a9ecd786c632401a3a396
e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448679f796dc4f93e2469d6b841742397ebd47995d7dc72329e6e99dcc625a1
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e55b95356a00c3771d857a4cbc47a2e61bced6840c1530ca20437c084dc2a55c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f442599e943e25050af27b21ed2d4aa6ae447fe5d02f0615e90e0f70043a5a7c

www.marchsphere.com Open in urlscan Pro 2606:4700:3031::6815:1937 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

36 %IPv6

26 Domains

32 Subdomains

19 IPs

6 Countries

1718 kBTransfer

3111 kBSize

23 Cookies

0 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.marchsphere.com Open in urlscan Pro
2606:4700:3031::6815:1937 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

36 %
IPv6

26
Domains

32
Subdomains

19
IPs

6
Countries

1718 kB
Transfer

3111 kB
Size

23
Cookies

74 HTTP transactions
1 data transactions