adskvjn1iu3ng.atwebpages.com Open in urlscan Pro
185.176.43.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://onx.la/75abf
Effective URL:
http://adskvjn1iu3ng.atwebpages.com/
Submission: On December 09 via automatic, source openphish (December 9th 2022, 1:10:13 am UTC) — Scanned from DE

Summary HTTP 73 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 23 domains to perform 73 HTTP transactions. The main IP is 185.176.43.100, located in and belongs to . The main domain is adskvjn1iu3ng.atwebpages.com.

This is the only time adskvjn1iu3ng.atwebpages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.20.67.12 107.20.67.12	14618 (AMAZON-AES) (AMAZON-AES)
2	52.22.106.250 52.22.106.250	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6812:19f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
20	2600:9000:249... 2600:9000:2491:2800:1e:e35f:100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:9ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:b110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.77.245 13.225.77.245	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2	185.176.43.100 185.176.43.100	() ()
73	24

1 107.20.67.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-67-12.compute-1.amazonaws.com

onx.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.106.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-106-250.compute-1.amazonaws.com

onx.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Porto, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2491:2800:1e:e35f:100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.onurix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9ce (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:b110 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gmlinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-245.fra2.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.176.43.100 (None, )

ASN- ()

adskvjn1iu3ng.atwebpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	onurix.com cdn.onurix.com	471 KB
11	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 30745 ui.cleverwebserver.com — Cisco Umbrella Rank: 31284 lp.cleverwebserver.com — Cisco Umbrella Rank: 65648 call.cleverwebserver.com — Cisco Umbrella Rank: 32535	306 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 26	40 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	234 B
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 909	837 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 356	12 KB
3	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 5395 track.adform.net — Cisco Umbrella Rank: 3431	32 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	132 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	212 KB
3	onx.la 1 redirects onx.la	14 KB
2	atwebpages.com adskvjn1iu3ng.atwebpages.com	698 B
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 20822	5 KB
2	gmlinteractive.com cdn.gmlinteractive.com — Cisco Umbrella Rank: 411800	7 KB
2	betano.de 1 redirects www.betano.de — Cisco Umbrella Rank: 439672	2 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 67038	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	13 KB
2	google.com apis.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 2	22 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6073	548 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 884	12 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	2 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	clevernt.com 1 redirects sender.clevernt.com — Cisco Umbrella Rank: 59021	430 B
73	23

	Domain	Requested by
20	cdn.onurix.com	onx.la
8	lp.cleverwebserver.com	onx.la lp.cleverwebserver.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	www.betano.de
3	tr.snapchat.com	sc-static.net www.betano.de
3	bat.bing.com	onx.la bat.bing.com www.betano.de
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	fonts.googleapis.com	cdn.onurix.com lp.cleverwebserver.com www.betano.de
3	www.googletagmanager.com	onx.la www.betano.de www.googletagmanager.com
3	onx.la	1 redirects onx.la
2	adskvjn1iu3ng.atwebpages.com	onx.la adskvjn1iu3ng.atwebpages.com
2	track.adform.net	1 redirects www.betano.de
2	a.mgid.com	onx.la www.betano.de
2	cdn.gmlinteractive.com	www.betano.de
2	www.betano.de	1 redirects lp.cleverwebserver.com
2	gml-grp.com	2 redirects
2	cdnjs.cloudflare.com	onx.la
1	www.google.de	www.betano.de
1	www.google.com	www.betano.de
1	s2.adform.net	onx.la
1	sc-static.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	apis.google.com	onx.la
1	call.cleverwebserver.com	onx.la
1	sender.clevernt.com	1 redirects
1	ui.cleverwebserver.com	onx.la
1	scripts.cleverwebserver.com	onx.la
73	28

This site contains links to these domains. Also see Links.

Domain
cleveradvertising.com
adskvjn1iu3ng.atwebpages.com

Subject Issuer	Validity	Valid
onurix.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.onurix.com Amazon	`2021-12-12` - `2023-01-10`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-17` - `2022-12-16`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://adskvjn1iu3ng.atwebpages.com/
Frame ID: A9B5F9E5FB3C456E000BD6D00D37C4CC
Requests: 8 HTTP requests in this frame

Frame: https://onx.la/null
Frame ID: F6FBCBFAA2C1725FD5F50F14204C2AE5
Requests: 28 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
Frame ID: 57ED264668E21674438E8192CEB15F2C
Requests: 10 HTTP requests in this frame

Frame: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Frame ID: DF732B2B656572417E680027A6722BD3
Requests: 28 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=60b56ef2-a965-4ea8-b2d9-99291d24ead8&u_sclid=1b39185d-bfdb-4e96-a197-1688eed98714
Frame ID: CC5C930C862C75E8704181530EC4F592
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirecting

Page URL History Show full URLs

http://onx.la/75abf HTTP 301
https://onx.la/75abf Page URL
http://adskvjn1iu3ng.atwebpages.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

95 %
HTTPS

69 %
IPv6

23
Domains

28
Subdomains

24
IPs

4
Countries

1329 kB
Transfer

3888 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cleveradvertising.com/

Search URL Search Domain Scan URL

URL: http://adskvjn1iu3ng.atwebpages.com/
Title: Redirecting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onx.la/75abf HTTP 301
https://onx.la/75abf Page URL
http://adskvjn1iu3ng.atwebpages.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://onx.la/75abf HTTP 301
https://onx.la/75abf

Request Chain 4

https://sender.clevernt.com/transporter/62980.php?ppuc=1&ppu=0&id=633235&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&ruri=&r=285405408&tok=33419711310201791433&t=1670548208&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=360 HTTP 302
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408

Request Chain 43

https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE HTTP 302
https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE&AutoR=1 HTTP 302
https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_1151b_904c_YSABGYFLSRBAADE&utm_medium=431&utm_source=1&siteid=1151 HTTP 302
https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Request Chain 70

https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=608238615577&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=608238615577&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

75abf Show response
onx.la/
Redirect Chain

http://onx.la/75abf
https://onx.la/75abf

2 KB
2 KB

646ms
337ms

Document
text/html

52.22.106.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.106.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-106-250.compute-1.amazonaws.com
Software: awselb/2.0 / PHP/7.3.33
Resource Hash: c2337fc5b76d8da3168e17921fcb681103cc8b01b6bc297c6e4fbb1869be6bdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-length: 2175
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 01:10:08 GMT
expires: Fri, 09 Dec 2022 01:10:08 GMT
server: awselb/2.0
x-powered-by: PHP/7.3.33

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Fri, 09 Dec 2022 01:10:07 GMT
Location: https://onx.la:443/75abf
Server: awselb/2.0

GET
H2 200 9cc51c70b7d1ce7a6710af35f27b550f.js Show response
scripts.cleverwebserver.com/ 132 KB
48 KB 137ms
108ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/9cc51c70b7d1ce7a6710af35f27b550f.js
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565f99a18ede6bdf5d8d6da7fe05d694ebb0e77cefbad2c6ccf062d3eff114f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:08 GMT
x-amz-version-id: oWIA6Rl.gLwr6E_REY3wj3_vKmb10YH6
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Dec 2022 14:14:25 GMT
server: cloudflare
x-amz-request-id: BSTXNB6V1MS7QC7Z
etag: W/"e187069e0022e98c0f3c95a854aff8f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7769dbffaa079a0f-FRA
x-amz-id-2: f9AkTVdDvntRG2N5o4yTfNhNB0re3rZSG3luM6jOfL3Xv8/XMjLXGae11VldWUBCi4y0Tp6A/Dg=
expires: Fri, 09 Dec 2022 01:40:08 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 159 B
196 B 28ms
21ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f953dab998ae292f5429c436b470f3ff9c17e3e1aed942acedf129f22bc55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7769dc007b019a0f-FRA
content-type: application/javascript

GET
H2 200 null Show response
onx.la/ Frame F6FB 11 KB
11 KB 208ms
208ms Document
text/html 52.22.106.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onx.la/null
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.106.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-106-250.compute-1.amazonaws.com
Software: awselb/2.0 / PHP/7.3.33
Resource Hash: 5c93b4e2e658d0e87dd6374842cd999aa2b26d5424cafdde1448a4fba535a626

Request headers

Referer: https://onx.la/75abf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-length: 11230
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 01:10:08 GMT
expires: Fri, 09 Dec 2022 01:10:08 GMT
server: awselb/2.0
x-powered-by: PHP/7.3.33

GET
H2

200

/ Show response
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame 57ED
Redirect Chain

https://sender.clevernt.com/transporter/62980.php?ppuc=1&ppu=0&id=633235&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&ruri=&r=285405408&tok=33419711310201791433&t=1670548208&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=...
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJ...

1 KB
738 B

100ms
91ms

Document
text/html

2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94bebf3bdaae04338726a1c27cb4290816664dca7dc9455844ab26c6e0ccf2a

Request headers

Referer: https://onx.la/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=1800
cf-cache-status: MISS
cf-ray: 7769dc01fcb09a0f-FRA
content-encoding: br
content-type: text/html
date: Fri, 09 Dec 2022 01:10:09 GMT
expires: Fri, 09 Dec 2022 01:40:09 GMT
last-modified: Tue, 06 Dec 2022 20:04:08 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: EHdDjCFQfQyJISvePP/v503NR4KYeN5D9SclQ7HX/U6FksV6m+duuAJ5jM2z27lMQ4WlLJXBygU=
x-amz-request-id: 23DV5V4AEM73Z5WH

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 01:10:08 GMT
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Fri, 09 Dec 2022 01:10:08 GMT
location: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
pragma: no-cache
server: nginx

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
call.cleverwebserver.com/ 43 B
133 B 71ms
61ms Image
image/gif 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://call.cleverwebserver.com/?id=62980&c=DE&r=BY&l=30&b=Chrome&os=Win10&mob=0&v=1.33.0&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&ruri=&iv=-1&ctr=DE&sz=1200

Requested by

Host: onx.la
URL: https://onx.la/75abf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7769dc00ebaa9a0f-FRA
content-length: 43
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F6FB 109 KB
43 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72913840-5

Requested by

Host: onx.la
URL: https://onx.la/null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79093f31ea061942afa78c14c23884f123078945059f3ba0fb840f2f762e17a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43585
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H2 200 bootstrap.min.css
cdn.onurix.com/web/assets/css/ Frame F6FB 139 KB
19 KB 86ms
10ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/bootstrap.min.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6819939767e492cfe44998e97e1328cc121cb3b3167c80924dbdbe942fc1a77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:19:02 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1932668
etag: W/"63caaf5a48aed3a981643343ebac7a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: 7q-jXQHdERYz2dWeE7VU-WhMuZRQZwjMZXpme1C7HQFW9HDKEOEqYA==

GET
H2 200 bootstrap-social.css
cdn.onurix.com/web/assets/css/ Frame F6FB 28 KB
4 KB 85ms
8ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/bootstrap-social.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 275ad38575769a9c620913155a7bacf2636aae462f78a2d67db83c4d1461a60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:19:02 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1932668
etag: W/"e211f3eb78f9e7c2fd2bf0043481ea72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: eXjPv28sreR-SzuSQyCz9eXkWW0EKuujsdS_7UmDyw6QCl8p5TArZA==

GET
H2 200 plugins.css
cdn.onurix.com/web/assets/css/ Frame F6FB 225 KB
37 KB 93ms
17ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/plugins.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b61170c570b35792e6612ccb32cb828d644cb5a8a692ebc7656f4ce710451d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:14:27 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2368543
etag: W/"ee8b1c59cf808ad7ece610402eecc620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: g-f_HELwzte1qxbzl-r77blqH35VRKmQwIz0jogexopBdt8actSaWA==

GET
H2 200 main.css
cdn.onurix.com/web/assets/css/ Frame F6FB 64 KB
12 KB 95ms
19ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/main.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 087b495ae28e9fc88b0dbed86d9f7303ecf5c7f8f50f4a16824fa466f1c680bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:19:02 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1932668
etag: W/"2fb4fd559bb201ce6576fd622809bb8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: cpebo5iE9gx0P2d55Ubr_YyXf19tZiQJZXYBH83SrdrmbKROzhYnWg==

GET
H2 200 themes.css
cdn.onurix.com/web/assets/css/ Frame F6FB 9 KB
2 KB 95ms
19ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/themes.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f92d2de12476e4800ece4cf4aae2ca4f45a56ae77e999e210a1363806723271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 11:29:56 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2036414
etag: W/"4ab9efe60cd3ebf2b724ed334e46d4ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: UXTlj6sTfTLVfVyqvGMv5iLyrX1SXsoZJhoPDLeilQU4x0JWX2rzEg==

GET
H2 200 jquery.min.js Show response
cdn.onurix.com/web/assets/js/ Frame F6FB 84 KB
30 KB 100ms
24ms Script
application/javascript 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/js/jquery.min.js
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 09:59:16 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2992254
etag: W/"710458dd559c957714ac4a8e95357eb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=8640000
x-amz-cf-id: Odt_iZGYbcNhApFUiErONriZFLpTOS1mtmQ8xD19qTdxm2_OWB8RWQ==

GET
H2 200 bootstrap.min.js Show response
cdn.onurix.com/web/assets/js/ Frame F6FB 36 KB
10 KB 102ms
27ms Script
application/javascript 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/js/bootstrap.min.js
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fecc5917f95a4ba2c4e591ac7a2ca650eb142879f61a0194842496f5b6fbd366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 02:44:09 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 3191161
etag: W/"d00f6797c3ca41b712886d160befa7b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=8640000
x-amz-cf-id: pOgAqQJ8RFCh7yK8ZWCTjWnP2cZGlQdppOEfghy61BYYffSPHf-uSQ==

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame F6FB 54 KB
21 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: onx.la
URL: https://onx.la/null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 01:10:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20982
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "0053a8bd2046ac7c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H2 200 jquery-confirm.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ Frame F6FB 27 KB
7 KB 32ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/jquery-confirm.min.js

Requested by

Host: onx.la
URL: https://onx.la/null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2001459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6362
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-6cf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGv0qYMUl1tQJbAS1chdXTxoPnPtOVvWYSoB%2FXNlTrBJWBpdQk02uKRVSHLjh7gZoruiv%2FqmrZYiacvsAhr77zAk54oH7kKotuac9zERiICid2TGOWS6F%2FyosdsoVi5qPKCPwiw4RG%2BmYrTl17g9lwee"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7769dc0238db9a06-FRA
expires: Wed, 29 Nov 2023 01:10:09 GMT

GET
H2 200 plugins.js Show response
cdn.onurix.com/web/assets/js/ Frame F6FB 792 KB
230 KB 103ms
28ms Script
application/javascript 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/js/plugins.js
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74273066540e98f18789141f8c716b8c7a366956c420c9f5d4f60f49857c6bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:27:34 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 297756
etag: W/"416bce33943523f861b34debe22705bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=8640000
x-amz-cf-id: yoEpdFcoAoZEcEj2Nr8MF3uT7ODKy0UiAbGJLg5s6WX8zAXzgjjrHw==

GET
H2 200 logo50.png
cdn.onurix.com/web/assets/img/ Frame F6FB 3 KB
3 KB 26ms
24ms Image
image/png 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onurix.com/web/assets/img/logo50.png
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fef08bb770de31e21a771b1683dda8d28d3c978f6e1159303c93ea1549fcc07c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 09 Dec 2022 00:15:16 GMT
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 21:08:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 3294
etag: "ad21d089afb311a7627086b18364146e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2883
x-amz-cf-id: E4YY4ELtUdpaRXLKPdnA8YIVxMdRey7Z41mOPo6nVsKInPVz5vKW7A==

GET
H2 200 es.png
cdn.onurix.com/web/assets/img/flags/ Frame F6FB 2 KB
2 KB 12ms
11ms Image
image/png 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onurix.com/web/assets/img/flags/es.png
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d78c4fd516efd93e32056aa666f16bae5d21f65a51131c436b22d3f4fb117393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 16:19:38 GMT
x-amz-version-id: null
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jun 2022 16:29:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1932632
etag: "d764eb39dec0274a70b9b6315b110ab0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=8640000
accept-ranges: bytes
content-length: 1852
x-amz-cf-id: Kn-74ojCuFvDBCMtTaHMxuwny9tl8nXv2L3w8h0Ki1FMsALoz934_g==

GET
H2 200 en.png
cdn.onurix.com/web/assets/img/flags/ Frame F6FB 2 KB
3 KB 12ms
11ms Image
image/png 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onurix.com/web/assets/img/flags/en.png
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8d4dc8a2de390baede6c2ed7dcf8b105301cd30d4bb49eb5d8fe7b58cda36fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 11:29:56 GMT
x-amz-version-id: null
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jun 2022 16:29:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2036414
etag: "931a5c99353036eddb0c811640ab4b0d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=8640000
accept-ranges: bytes
content-length: 2488
x-amz-cf-id: ur_wVVkaV2JSRHicc_qlKbJQh2vB0m30wX65pUAeI_y4puF8NKAUvg==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame F6FB 30 KB
6 KB 13ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: onx.la
URL: https://onx.la/null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 631757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcEP%2B6UO%2FJgDKJtWcwUKm%2FiW1Nawoc%2BmJENE%2BDJDWN342mHeRDZyy9%2F8gMJepweAP3js%2BPhtvNw4XoV5uyqGMBeNeW%2FDWHPfYN%2BySLcl%2FLPk1NsF6LWEigiYZarV5hkAkYDLAFD6FvOW%2BL9VU4BK32le"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7769dc02fa2d9a06-FRA
expires: Wed, 29 Nov 2023 01:10:09 GMT

GET
H2 200 bootstrap_error.min.css
cdn.onurix.com/web/assets/css/ Frame F6FB 108 KB
18 KB 9ms
9ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/bootstrap_error.min.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf76deced8154c9bb5d86f892d81e6f8292d40900cdbdb484063dc0644019ef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:27:35 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 297755
etag: W/"b10ff26c25b42323817ac67a7038c391"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: jS4XTp0aMvYKuavnEu5FZw1Iif17a75qsr3UMOppAajzULaZ8Qwrjw==

GET
H2 200 plugins_error.css
cdn.onurix.com/web/assets/css/ Frame F6FB 211 KB
36 KB 9ms
9ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/plugins_error.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a293c17367401f95e0033f63690458c58408db245c695aa90fcdac702d9bf66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:27:35 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 297755
etag: W/"e6735a92e844586bb13710fd97a4fba0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: ka5xfqoScyeuv3MK1xzNhM5Bk1baPrDueLfuESg-ty81sbEIE4zfyQ==

GET
H2 200 main_error.css
cdn.onurix.com/web/assets/css/ Frame F6FB 82 KB
14 KB 10ms
9ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/main_error.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bf147816dd912f69bc4b5181eba3aadba92959bcceb7c2611d6ebfc71a6b5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:27:35 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 297755
etag: W/"fc8596fbbbcf42d13391615246bb3bba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: fsO0B5pdE_oPKprpKv28TGIPHLuoJDZlJdSSeICEMLMEUEuuardhiA==

GET
H2 200 themes_error.css
cdn.onurix.com/web/assets/css/ Frame F6FB 9 KB
1 KB 11ms
9ms Stylesheet
text/css 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/css/themes_error.css
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab0b457b80cef3e95cd052a050585750d385e355e6543c366c8c85ef299b5dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:27:35 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 297755
etag: W/"2d589f556ddda0926691f77b53e11a8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=8640000
x-amz-cf-id: vsqmnc3NH_ofhO_srXFLjwtNwJ5BgAZIiqlAgtWu2y_QfWBoItwsmw==

GET
H2 200 modernizr_error.min.js Show response
cdn.onurix.com/web/assets/js/ Frame F6FB 1 KB
1 KB 14ms
12ms Script
application/javascript 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/js/modernizr_error.min.js
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b066d510c4090e83cec09026d4d5ab1ff2dbb08f68459761dad83ffec1774e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 06:39:23 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 3177047
etag: W/"91fff4814d41a78907a0cc7b722dbd54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=8640000
x-amz-cf-id: rth0VKuvYVFDCE5mP-SAJh7QgGK-HQRcZLuHVYemmeyFED1k3nFLOw==

GET
H2 200 logo512.png
cdn.onurix.com/web/assets/img/ Frame F6FB 39 KB
39 KB 14ms
13ms Image
image/png 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onurix.com/web/assets/img/logo512.png
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dc01eb027679fdf0f544924efc6512f44e990d550e55f9ef2292df92f389a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 16:45:52 GMT
x-amz-version-id: null
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 21:08:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 30258
etag: "68f4273accbabe7a057daad1dd9b89b2"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 39821
x-amz-cf-id: sF4EGnDxdQ3q4XG5ZdnaXBZhfUVZLJ-oDgIa9eEyrNWMMNtOUiP3tQ==

GET
H2 200 medios-de-pago.png
cdn.onurix.com/web/assets/img/ Frame F6FB 6 KB
6 KB 12ms
11ms Image
image/png 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onurix.com/web/assets/img/medios-de-pago.png
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ea131a8a292456efa9e9a8915ddc9dda759229232fdda6f0166231aceed5766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 15:38:42 GMT
x-amz-version-id: null
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jun 2022 16:29:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 5736688
etag: "809e44cdcbf221c5b7681c55b3ee536b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=8640000
accept-ranges: bytes
content-length: 6127
x-amz-cf-id: q7lZ9VI6HnLhUi9iSGk1gA5bc8Qw8WIgMK816oD5zz6s1mmK5Ll5BQ==

GET
H2 200 app.js Show response
cdn.onurix.com/web/assets/js/ Frame F6FB 8 KB
3 KB 12ms
10ms Script
application/javascript 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/js/app.js
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99de438a78b16dc0eab407baf55306f02e3775f09f428bac09ee5e13f0bc31eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:01:46 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 3035304
etag: W/"c1acc5cff18b09c3e6a86816734bf19a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=8640000
x-amz-cf-id: 0d4on0j0j5651X0HbWQStDPz7-E1UO_GdWO2zv02o0icDs9dqKgpdw==

GET
H2 200 apdi.js Show response
cdn.onurix.com/web/assets/js/ Frame F6FB 4 KB
1 KB 12ms
10ms Script
application/javascript 2600:9000:2491:2800:1e:e35f:100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onurix.com/web/assets/js/apdi.js
Requested by: Host: onx.la
URL: https://onx.la/null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2800:1e:e35f:100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5957c5b418c1a2128adb6982bf2bebd2217eec361f0dbca241302756c72dd26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 02:44:10 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Jun 2022 16:29:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 3191160
etag: W/"e7074e25120359e4e243050002f0b75c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=8640000
x-amz-cf-id: 1h7TzNHX4hnAsHlwzqh7VRV7-ERTVzkp8PGlG6KdoqrBwJxr3Oux8A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F6FB 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72913840-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onx.la/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 23:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6329
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 09 Dec 2022 01:24:40 GMT

GET
H2 200 style.css
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame 57ED 10 KB
2 KB 36ms
34ms Stylesheet
text/css 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: P3P8CZ6GXF71GMMK
age: 1211
cf-polished: origSize=10303
x-amz-id-2: 4VypwCpqbPaaTyUncWnmE+qlZkYIz/O6x74jnAdsw6nZuJOtFlyKH+emthOu7502QAPTN1S+MjQ=
cf-bgj: minify
last-modified: Tue, 06 Dec 2022 20:06:22 GMT
server: cloudflare
etag: W/"073bb6043f3339ac3a807ec409b6e0af"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 7769dc029d8f9a0f-FRA
expires: Fri, 09 Dec 2022 01:40:09 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 57ED 1 KB
899 B 21ms
18ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/anzeige.svg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 01:38:23 GMT
server: cloudflare
x-amz-request-id: TTBNG15TCM5V96XZ
age: 1211
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7769dc029d909a0f-FRA
x-amz-id-2: aXr4OosoAvbjz5mSV7G9T0wdRpF7tSoxkXcI1oiULxNc7OCfDmwEETLBWm+EkH98Z2it04ozTk4=
expires: Fri, 09 Dec 2022 01:40:09 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 57ED 59 KB
28 KB 37ms
36ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy.svg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 20:06:22 GMT
server: cloudflare
x-amz-request-id: XWKARVT1W2SFEGBC
age: 1211
etag: W/"7f803ad83ee753fad0274978d34e95d1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7769dc029d919a0f-FRA
x-amz-id-2: jIUIleNkG0BfpIr467BFOfYBLgNQF6jNpuJa/lPRfVbMmuCL2fvMpUOd4MWGfQ0an8fBeEo1gKE=
expires: Fri, 09 Dec 2022 01:40:09 GMT

GET
H2 200 copy-push.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 57ED 59 KB
28 KB 23ms
22ms Image
image/svg+xml 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy-push.svg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 20:04:08 GMT
server: cloudflare
x-amz-request-id: 6PQ8NWK1C9FTH6HQ
age: 1030
etag: W/"ce447a43d49084fb0a8eb2d04e2cec1a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 7769dc029d929a0f-FRA
x-amz-id-2: qW/p+tQzo+JOuWm4rpcf+fiAuXNfxENuWTQAzWQlCSItNku83u4lxWSuN36FvdgtBvL+GhOurLI=
expires: Fri, 09 Dec 2022 01:40:09 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 57ED 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Dec 2022 17:55:37 GMT
server: cloudflare
etag: W/"638a3c19-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7769dc029d949a0f-FRA
expires: Sun, 11 Dec 2022 01:10:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F6FB 18 KB
1 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,700,700italic

Requested by

Host: cdn.onurix.com
URL: https://cdn.onurix.com/web/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ff44a828d3863f32d2facd2fce2881b2e50c9f1bbfb54504ab04937695bf676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.onurix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:41:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 57ED 8 KB
803 B 30ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H2 200 clever-core-other.js Show response
lp.cleverwebserver.com/ Frame 57ED 1 KB
853 B 36ms
36ms Script
text/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/clever-core-other.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=633235&group=62980&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUJHWUZMU1JCQUFERQ%3D%3D&ref=aHR0cHM6Ly9vbngubGEvNzVhYmY%3D&r=285405408
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JTV21R8DEYQ1ZW0Y
age: 1794
cf-polished: origSize=2002
x-amz-id-2: +fj+FeNJ2LEuNueJNtdyRdN1QRo6kyqCUC6n00ub/FYEZEKY3OBDpB1AOBL6cOVnBtJGtk70Mzo=
cf-bgj: minify
last-modified: Tue, 06 Dec 2022 20:04:20 GMT
server: cloudflare
etag: W/"0625f7f83d53fd3b06d4460137a2bc86"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
cf-ray: 7769dc031e279a0f-FRA
expires: Fri, 09 Dec 2022 01:40:09 GMT

GET
H2 200 bg-pushdown.jpg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame 57ED 193 KB
194 KB 36ms
36ms Image
image/webp 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/bg-pushdown.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0a65a77d1593668305691feb5f004c2599cb703916067e3a927b46c17058d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
cf-cache-status: HIT
x-amz-request-id: DQC55782DTJD04WH
age: 1030
cf-polished: origFmt=jpeg, origSize=244492
content-disposition: inline; filename="bg-pushdown.webp"
content-length: 197696
x-amz-id-2: 1I85OGAWbcW28V58Lz75vsnwXxEx2K4fVlm4kCTW5VHVY+FV+is5raUUElSsTW2ZvBg4B4yTA3w=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 06 Dec 2022 20:06:22 GMT
server: cloudflare
etag: "8df38c6720c708f82ea587c0a1dd83bb"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7769dc031e299a0f-FRA
expires: Fri, 09 Dec 2022 01:40:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 57ED 44 KB
44 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 281985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:50:24 GMT

GET
H2

200

Betano-DE.aspx Show response
www.betano.de/promos/de/ Frame DF73
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE
https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSABGYFLSRBAADE&AutoR=1
https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_1151b_904c_YSABGYFLSRBAADE&utm_medium=431&utm_source=1&siteid=1151
https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

3 KB
1 KB

57ms
57ms

Document
text/html

2606:4700::6812:9ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1948b809a04912efd39b9d82e7029245446aab614b635d9a59aa5c70746926a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7769dc053fd59004-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 01:10:09 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-farm: ce4
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7769dc04cf619004-FRA
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 01:10:09 GMT
location: /promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable-status: 302
x-content-type-options: nosniff
x-farm: ce4
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F6FB 1 B
21 B 33ms
15ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1177206368&t=pageview&_s=1&dl=https%3A%2F%2Fonx.la%2Fnull&ul=en-us&de=UTF-8&dt=ONX.la%20Acortador%20de%20URLs&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAACAAI~&jid=1906259891&gjid=585776426&cid=485223080.1670548209&tid=UA-72913840-5&_gid=1794975506.1670548209&_r=1&gtm=2oubu0&z=909300561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onx.la/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onx.la
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF73 8 KB
716 B 38ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5e699934cfe12bf4a603217c46f701a31d4e6a3e11c0f32a83e2668b4d15e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:36:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H2 200 source-4.css
cdn.gmlinteractive.com/static-files/promos/css/ Frame DF73 4 KB
2 KB 59ms
26ms Stylesheet
text/css 2606:4700::6813:b110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gmlinteractive.com/static-files/promos/css/source-4.css
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5c7bf7bd941608a78b93872b8ac2508dc754dc6bf26271de549092826d7faa18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 10:05:18 GMT
server: cloudflare
age: 4032
etag: W/"04382a58b4dd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-farm: 14
cf-ray: 7769dc060a179ba6-FRA

GET
H2 200 logo-de.svg
cdn.gmlinteractive.com/static-files/promos/ Frame DF73 18 KB
5 KB 28ms
28ms Image
image/svg+xml 2606:4700::6813:b110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gmlinteractive.com/static-files/promos/logo-de.svg
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 12:32:44 GMT
server: cloudflare
age: 89
etag: W/"03e13a4bb11d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-farm: 15
cf-ray: 7769dc060a229ba6-FRA

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame DF73 302 KB
97 KB 34ms
17ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9d4775bf2270ff3d9960daa1a0689c79907bf502d1c5aac0d42dfe73a20bd8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98773
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame DF73 2 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1670548209698&cv=11&fst=1670548209698&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dce6a07100f996bc8583eb3a5680412f17eb7a6ff7fa2ccc35d8f937d863514e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 911
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame DF73 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 23:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6329
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 09 Dec 2022 01:24:40 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame DF73 27 KB
12 KB 49ms
22ms Script
application/javascript 13.225.77.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-245.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 842c040a3cc90e5c4f5bd7f571b9e725ab64c9b42595e57cddd56fd5d6cbbaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: gzip
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 11972
x-amz-cf-id: JoeTyNsnrkG7ZvVsxgI2tABlidRQghXBstXZH0sjjTNOvGx0moF6Mw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame DF73 103 KB
28 KB 27ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 01:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bKbqPp9qb3azX1D6w+ZboovH19iupBcUhKm8vZy8CvHYtQDZKe5kfueVJBXU0oFh/qWcCGnjAKS599gw0AiH8A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame DF73 78 KB
30 KB 176ms
65ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx00000f291127e5a69df03-006385e0d4-3293868f-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 bat.js Show response
bat.bing.com/ Frame DF73 38 KB
12 KB 66ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: onx.la
URL: https://onx.la/75abf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 09 Dec 2022 01:10:09 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8B509281F6B4D0A9AEA87837CDAE4F2 Ref B: FRA31EDGE0512 Ref C: 2022-12-09T01:10:09Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame DF73 15 KB
5 KB 158ms
112ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1670548209715
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6c256bcf-9613-4d54-ad45-20ec631b6aa0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7769dc070b2e88a9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame DF73 206 KB
72 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f2582a6a558ff0f661cb3759e0f8f5da0295fc07998e75fdbb7dee8839b6e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73926
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 01:10:09 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame DF73 2 KB
884 B 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 01:45:45 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame DF73 64 KB
20 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 01:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GIJRD2L+9/RVoyPb0mQrlO8ta1dBGSKJaV4Ai+OQ8KDRY/kU8uGSiJnY5NTLr4tVDJdwSF04hT2MTU7WLBWZpw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame DF73 293 KB
84 KB 26ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52bfcd6f8194355b113832b1a6f4f008bda8c77e18b0e2f5b7fa2cc7aed54586

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 01:10:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86388
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ujwWmEbb2brKpK+GGIDR6xbwTXMEwtT6D4l40fcBBc8eB0sBBUkAnU49bBmxrDP4EIeD1omrooYNyA34QB+HpQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame DF73 42 B
548 B 45ms
21ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1670548209698&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&fmt=3&is_vtc=1&random=2585760724&rmt_tld=0&ipr=y

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame DF73 42 B
548 B 44ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1670548209698&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&fmt=3&is_vtc=1&random=2585760724&rmt_tld=1&ipr=y

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:10:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame CC5C 0
53 B 97ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=60b56ef2-a965-4ea8-b2d9-99291d24ead8&u_sclid=1b39185d-bfdb-4e96-a197-1688eed98714

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 09 Dec 2022 01:10:09 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ Frame DF73 81 B
237 B 98ms
18ms XHR
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=59013e41-1b63-4d8e-a887-ea6d3795d988&tld=de

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

54418893e4cb1e43c1164076b97de7894a9b41bb14da52488a75d7450c49f2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.betano.de
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 137000673.js Show response
bat.bing.com/p/action/ Frame DF73 0
118 B 35ms
35ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137000673.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 09 Dec 2022 01:10:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DA7A2410EC8438096DC403FCC634F09 Ref B: FRA31EDGE0512 Ref C: 2022-12-09T01:10:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame DF73 0
177 B 83ms
83ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=c1c06c39-35c2-4140-96eb-3e44f9aaa2cf&sid=39c28d30775e11edb5e8cb1c12f32ea1&vid=39c2b500775e11ed9d54a1d0d4566d75&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=419&evt=pageLoad&ifm=1&sv=1&rn=881789

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 01:10:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95CDE36BA44C476487EA1C8DBD55C0BF Ref B: FRA31EDGE0512 Ref C: 2022-12-09T01:10:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame DF73 0
185 B 49ms
31ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1670548209811&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&it=1670548209753&coo=false&tm=1&rqm=GET

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Dec 2022 01:10:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame DF73 0
31 B 49ms
32ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1670548209813&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&it=1670548209753&coo=false&rqm=GET

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Dec 2022 01:10:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 p
tr.snapchat.com/ Frame DF73 68 B
547 B 46ms
17ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&bt=1d53c387&if=true&m_dcl=418&m_ic=1&m_pi=418&m_pl=0&m_pv=v2&m_rd=635&m_sl=580&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=c92ed64b-d200-47ac-94e5-2054e897618b&ts=1670548209845&u_sclid=1b39185d-bfdb-4e96-a197-1688eed98714&u_scsid=60b56ef2-a965-4ea8-b2d9-99291d24ead8&v=2.0.0

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H3 200 1x1.gif
a.mgid.com/ Frame DF73 43 B
207 B 129ms
108ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&nv=0&clid=&clidv=0&d=1670548209882
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:10:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7769dc07ee6106ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
content-type: image/gif

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame DF73
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=608238615577&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=608238615577&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE...

121 B
600 B

30ms
30ms

Script
text/javascript

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=608238615577&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:10:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 194
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:10:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=608238615577&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 /
www.facebook.com/tr/ Frame DF73 0
18 B 18ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=Microdata&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1670548211315&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=2&o=30&it=1670548209753&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Dec 2022 01:10:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK Primary Request / Show response
adskvjn1iu3ng.atwebpages.com/ 429 B
698 B 105ms
33ms Document
text/html 185.176.43.100

General

Check archive.org

Show headers Download Go to

Full URL: http://adskvjn1iu3ng.atwebpages.com/
Requested by: Host: onx.la
URL: https://onx.la/75abf
Protocol: HTTP/1.1
Server: 185.176.43.100 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: f0175e6a58c80ad8e8d9ac14afb8708ec95bd9afe7e26e99d3060ee4e0b69e5c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 429
Content-Type: text/html
Date: Fri, 09 Dec 2022 01:10:12 GMT
ETag: "1ad-5eee6ae236fc0"
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 03 Dec 2022 06:36:55 GMT
Server: Apache

POST 0
bat.bing.com/actionp/ Frame DF73 0
0

GET
H/1.1 404
Not Found estilo.css
adskvjn1iu3ng.atwebpages.com/ 0
0 34ms
34ms Stylesheet
text/html 185.176.43.100

General

Check archive.org

Show headers Download Go to

Full URL: http://adskvjn1iu3ng.atwebpages.com/estilo.css
Requested by: Host: adskvjn1iu3ng.atwebpages.com
URL: http://adskvjn1iu3ng.atwebpages.com/
Protocol: HTTP/1.1
Server: 185.176.43.100 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adskvjn1iu3ng.atwebpages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:10:12 GMT
Last-Modified: Tue, 04 Oct 2022 10:16:58 GMT
Server: Apache
ETag: "7bce3-5ea32c2a78a0d"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 507107

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=137000673&Ver=2&mid=c1c06c39-35c2-4140-96eb-3e44f9aaa2cf&sid=39c28d30775e11edb5e8cb1c12f32ea1&vid=39c2b500775e11ed9d54a1d0d4566d75&vids=1&msclkid=N&evt=pageHide

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 08:03:54	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
onx.la/	1970-01-20 08:45:40	Name: clever-last-tracker-62980 Value: 1
onx.la/	1970-01-20 08:03:40	Name: clever-counter-62980 Value: 0-1
.onx.la/	1970-01-20 17:38:28	Name: _ga Value: GA1.2.485223080.1670548209
.onx.la/	1970-01-20 08:03:54	Name: _gid Value: GA1.2.1794975506.1670548209
.onx.la/	1970-01-20 08:02:28	Name: _gat_gtag_UA_72913840_5 Value: 1
gml-grp.com/	1970-01-20 17:38:28	Name: CEK Value: a
gml-grp.com/	1970-01-20 10:12:04	Name: XYZ Value: 120&0&148&&&&0&1&&270a79ab-9a5f-46e1-82df-e888f42bd032&&a_1151b_904&
gml-grp.com/	1970-01-20 10:12:04	Name: A_904 Value: a=904&r=0&fv=0&lv=0&vc=0&fc=20221209&lc=20221209011009&cc=1
gml-grp.com/	1970-01-20 10:12:04	Name: PM_11 Value: c=YSABGYFLSRBAADE&s=1151&ad=904&md=0&pm=11&d=20221209011009&ip=2890332789&r=0&ref=https://lp.cleverwebserver.com/&RedirectParams=btag%3da_1151b_904c_YSABGYFLSRBAADE%26utm_medium%3d431%26utm_source%3d1%26siteid%3d1151
.betano.de/	1970-01-20 08:45:40	Name: btag Value: a_1151b_904c_YSABGYFLSRBAADE
.betano.de/	1970-01-20 08:02:30	Name: __cf_bm Value: sJoRHqaBAMmYf2ecduZCSwuXm_qn.m8vF2dXEyy6K1M-1670548209-0-AShiJanJPHziqKqhM+VL3zilxk3YmU1BBPBzfrlhlFkzca1U464fZxLrXVIrXbmYrbhxYCx4Bb0MMgqKV61Hob4=
.gmlinteractive.com/	1970-01-20 08:02:30	Name: __cf_bm Value: tTschjrTaHt.pNI37IYNEyw4tyYv1qv8htr4kSa2kqc-1670548209-0-ASLTKryDefIn0OvVvffpo+dXkgmx2LdGCFqT0j4sU9staDjZADR/vc3bniphPWZ3zINh6+CWQG1+wn1G7HkdWSI=
.doubleclick.net/	1970-01-20 08:02:29	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-20 17:24:04	Name: MUID Value: 2E6C81DC5E0866AE2B2893A95F836760
.mgid.com/	1970-01-20 08:02:30	Name: __cf_bm Value: 7VCIOW_O88D2vYQew4WTR4qlYHUWUH7Ly.Ag_._2bVY-1670548209-0-AW7MTNiWsWP5wwjm7+4d/kCpihDaUcmLMD0Haxh5io3brxDO8pyA5ufjEOpGzUo3gCoT7amNNdWLM4hiotCPsCA=
.snapchat.com/	1970-01-20 17:24:04	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3JwQ3AMAgDwImQjEsNHQcpyRQMn9731KpYhOGNtgDT6tkw+Wo/2ofJGVf+X8Q3uLSGSa0yAAAA
.adform.net/	1970-01-20 08:47:06	Name: C Value: 1
.adform.net/	1970-01-20 09:28:52	Name: uid Value: 305749703473684929

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://adskvjn1iu3ng.atwebpages.com/estilo.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
adskvjn1iu3ng.atwebpages.com
apis.google.com
bat.bing.com
call.cleverwebserver.com
cdn.gmlinteractive.com
cdn.onurix.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gml-grp.com
googleads.g.doubleclick.net
lp.cleverwebserver.com
onx.la
s2.adform.net
sc-static.net
scripts.cleverwebserver.com
sender.clevernt.com
tr.snapchat.com
track.adform.net
ui.cleverwebserver.com
www.betano.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
bat.bing.com
107.20.67.12
13.225.77.245
148.69.64.76
185.176.43.100
2600:9000:2491:2800:1e:e35f:100:93a1
2606:4700:1::6813:884e
2606:4700::6811:190e
2606:4700::6812:19f6
2606:4700::6812:9ce
2606:4700::6813:b110
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
35.190.43.134
37.157.6.235
37.157.6.254
52.22.106.250
087b495ae28e9fc88b0dbed86d9f7303ecf5c7f8f50f4a16824fa466f1c680bf
0ea131a8a292456efa9e9a8915ddc9dda759229232fdda6f0166231aceed5766
1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
1a293c17367401f95e0033f63690458c58408db245c695aa90fcdac702d9bf66
1b066d510c4090e83cec09026d4d5ab1ff2dbb08f68459761dad83ffec1774e9
275ad38575769a9c620913155a7bacf2636aae462f78a2d67db83c4d1461a60e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8
4ff44a828d3863f32d2facd2fce2881b2e50c9f1bbfb54504ab04937695bf676
52bfcd6f8194355b113832b1a6f4f008bda8c77e18b0e2f5b7fa2cc7aed54586
54418893e4cb1e43c1164076b97de7894a9b41bb14da52488a75d7450c49f2cb
565f99a18ede6bdf5d8d6da7fe05d694ebb0e77cefbad2c6ccf062d3eff114f4
5957c5b418c1a2128adb6982bf2bebd2217eec361f0dbca241302756c72dd26e
5bf147816dd912f69bc4b5181eba3aadba92959bcceb7c2611d6ebfc71a6b5f8
5c7bf7bd941608a78b93872b8ac2508dc754dc6bf26271de549092826d7faa18
5c93b4e2e658d0e87dd6374842cd999aa2b26d5424cafdde1448a4fba535a626
5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7
5dc01eb027679fdf0f544924efc6512f44e990d550e55f9ef2292df92f389a3b
633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223
6819939767e492cfe44998e97e1328cc121cb3b3167c80924dbdbe942fc1a77e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f92d2de12476e4800ece4cf4aae2ca4f45a56ae77e999e210a1363806723271
74273066540e98f18789141f8c716b8c7a366956c420c9f5d4f60f49857c6bc6
79093f31ea061942afa78c14c23884f123078945059f3ba0fb840f2f762e17a8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f2582a6a558ff0f661cb3759e0f8f5da0295fc07998e75fdbb7dee8839b6e3b
842c040a3cc90e5c4f5bd7f571b9e725ab64c9b42595e57cddd56fd5d6cbbaec
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
99de438a78b16dc0eab407baf55306f02e3775f09f428bac09ee5e13f0bc31eb
99f953dab998ae292f5429c436b470f3ff9c17e3e1aed942acedf129f22bc55b
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
a9d4775bf2270ff3d9960daa1a0689c79907bf502d1c5aac0d42dfe73a20bd8d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab0b457b80cef3e95cd052a050585750d385e355e6543c366c8c85ef299b5dfd
b0a65a77d1593668305691feb5f004c2599cb703916067e3a927b46c17058d3e
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b61170c570b35792e6612ccb32cb828d644cb5a8a692ebc7656f4ce710451d68
b94bebf3bdaae04338726a1c27cb4290816664dca7dc9455844ab26c6e0ccf2a
c2337fc5b76d8da3168e17921fcb681103cc8b01b6bc297c6e4fbb1869be6bdb
c5e699934cfe12bf4a603217c46f701a31d4e6a3e11c0f32a83e2668b4d15e1f
cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf76deced8154c9bb5d86f892d81e6f8292d40900cdbdb484063dc0644019ef7
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
d1948b809a04912efd39b9d82e7029245446aab614b635d9a59aa5c70746926a
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d78c4fd516efd93e32056aa666f16bae5d21f65a51131c436b22d3f4fb117393
dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25
dce6a07100f996bc8583eb3a5680412f17eb7a6ff7fa2ccc35d8f937d863514e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0175e6a58c80ad8e8d9ac14afb8708ec95bd9afe7e26e99d3060ee4e0b69e5c
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f8d4dc8a2de390baede6c2ed7dcf8b105301cd30d4bb49eb5d8fe7b58cda36fc
fecc5917f95a4ba2c4e591ac7a2ca650eb142879f61a0194842496f5b6fbd366
fef08bb770de31e21a771b1683dda8d28d3c978f6e1159303c93ea1549fcc07c

adskvjn1iu3ng.atwebpages.com Open in urlscan Pro 185.176.43.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

95 %HTTPS

69 %IPv6

23 Domains

28 Subdomains

24 IPs

4 Countries

1329 kBTransfer

3888 kBSize

19 Cookies

2 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adskvjn1iu3ng.atwebpages.com Open in urlscan Pro
185.176.43.100 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

95 %
HTTPS

69 %
IPv6

23
Domains

28
Subdomains

24
IPs

4
Countries

1329 kB
Transfer

3888 kB
Size

19
Cookies

73 HTTP transactions
2 data transactions