landing.favbet.partners Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Page URL
2. https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	index.html Show response landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/	8 KB 6 KB	86ms 27ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dc2f83e39d3dce48738239a58f3213ae9c29fc296df437605309f0072de889f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 83b289281cb23647-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Mon, 25 Dec 2023 16:42:10 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B6SsMOeUK0t%2F28u%2B1AdopkTy5luvTFG2A2Fh8f03tjcyJHBht2QObKWmguiznwraWpNtbx1zlifBTC7DDw%2FwVG5lzWRA%2BhntHzYKLudjm%2FFZHbRary%2Bv2IYyKCXY0rjkgJ2dj09Em21i4aCloMdvo%2BIT%2BOzRw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css landing.favbet.partners/cdn-cgi/styles/	6 KB 3 KB	22ms 21ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/styles/challenges.css Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Dec 2023 14:09:38 GMT server cloudflare etag W/"6581a422-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 83b289285d1a3647-FRA expires Mon, 25 Dec 2023 18:42:10 GMT
GET H2	200	v1 Show response landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	167 KB 57 KB	32ms 32ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b289281cb23647 Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a9b1f24aa1d94b20f065a8b0313455f277866060e96151a5b6d8f369cb06227 Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268&__cf_chl_rt_tk=NNfwaIzL6StktDutumZaCbR6ZYsb76loGbyT_E_2buc-1703522530-0-gaNycGzNDfs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1ZuadcfE3EvvqtSWFqfwPGMzZS3FaZVwWiZCnlYvNbj2TcQPTOOK9bgsfqaaYM%2FA7%2F5n30AXAT%2FiwQvX8ZATRrE9x95KTwgXwQOvqDnW2Y6MLjE7ZoHti%2BIaRxSw7c%2FeYgJ4FtdUoTTuWm5cFedLZgdW%2FUKUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 83b289287d503647-FRA alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/74bd6362/	34 KB 12 KB	88ms 42ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=AudPIu1&render=explicit Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b289281cb23647 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d Request headers Referer Origin https://landing.favbet.partners accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:10 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 83b289291cc93737-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico landing.favbet.partners/	6 KB 6 KB	25ms 25ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landing.favbet.partners/favicon.ico Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edb6dbdf362cf518bbfb559f1ce02bb514b44622ff0587da26d7eb7c14754c51 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGDbTsJu2wmfpNtyskV34cvthYH0l1JjhUlQFLgSdp8jpJ5XhNphe9hC57rENKrrwBSSsPNKCZrnYeFWxW5rFYWOECNuziX6DAdWLhHczPlHHv5IXzF4WcwlQND%2B9TAOQoj%2B9QOn2L2djLcVPvBQZXkxGWBiFw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 83b28928cd4c3626-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	c65eebfb-3fda-483a-a5db-d9e5f60251a4 https://landing.favbet.partners/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://landing.favbet.partners/c65eebfb-3fda-483a-a5db-d9e5f60251a4 Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	009c84ae4c1e596 Show response landing.favbet.partners/cdn-cgi/challenge-platform/h/g/flow/ov1/689949490:1703521334:T4f_nlSzLnay8f9FPlrZDFsY9t3UZN_XLmdD9JoJ7o8/83b289281cb23647/	13 KB 10 KB	45ms 45ms	XHR text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/flow/ov1/689949490:1703521334:T4f_nlSzLnay8f9FPlrZDFsY9t3UZN_XLmdD9JoJ7o8/83b289281cb23647/009c84ae4c1e596 Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b289281cb23647 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce25af6c87fb51cfce0a8d67c015691a7a2c41a88c62b7c596b9edfe232a1c56 Request headers Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 CF-Challenge 009c84ae4c1e596 Content-type application/x-www-form-urlencoded Response headers date Mon, 25 Dec 2023 16:42:10 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPD5tCErYhgQkiuh3syVBh1HQa0gDOOEdv2S1F1nHzmsrzTFPtkr1hJN8wkoCOXQeWFwdDpqcckwSMMU1WJQDHWNraiSS1EJLoXNWecPIYQH6R7XC2mSrnDnK8AmJBc53GRtSJHEvJvFsg4U6yJbQkocMxtSAA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 83b289297e263626-FRA alt-svc h3=":443"; ma=86400 cf-chl-gen hWGw9JNY4JYU7FemBTNxMxqKz77URVUo2DH+E84eVIuxyTYRsd74yz3XrPeNH/SF$HLqajfHHrIvhGqUCFXdYzw==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o6ipr/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame A72B	0 0	55ms 30ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o6ipr/0x4AAAAAAADnOjc0PNeA8qVm/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=AudPIu1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 83b2892a0f773aa4-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 16:42:10 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	009c84ae4c1e596 Show response landing.favbet.partners/cdn-cgi/challenge-platform/h/g/flow/ov1/689949490:1703521334:T4f_nlSzLnay8f9FPlrZDFsY9t3UZN_XLmdD9JoJ7o8/83b289281cb23647/	2 KB 3 KB	35ms 35ms	XHR text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/flow/ov1/689949490:1703521334:T4f_nlSzLnay8f9FPlrZDFsY9t3UZN_XLmdD9JoJ7o8/83b289281cb23647/009c84ae4c1e596 Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b289281cb23647 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 494a770dc89848ba68fa927e890b7ba670610ba9258a250b6f50e5d4f431217d Request headers Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 CF-Challenge 009c84ae4c1e596 Content-type application/x-www-form-urlencoded Response headers cf-chl-out 5oUDvmUl5GjF4cVish3005S/fRSPA55rG2/2BBhoZDhGK1USKwFZDCyroGRNZNbpFZs8SjMgv5LtECswkzFbLhU/zuvWXhcTVK4nrxCScgc=$aDcZYkPkfwnvgOxPYtizmQ== cf-chl-out-s ZokapM4ii417nmsM27cctc8+ahBYZJBCwNeySpNlyF/nGvraaFwiqZsvWeoZBZ5UcXgHCGBRnVdHcgOi6oXFpBXq3yCUrNshH/0LDCDjkzQyxDwfMG+M9x228W7TuwnO3aBSdMQ9w26iROwV9h6a8tK1ViYA1DCPSQcqQkdzhjTCRRiF6QGdcZ4iZsrNsC8ssCfafgGyuxAFaOtVXcvscMDcda4WSuXYpPAeVL9SXbccNFXOIF4RRiAwj9EMnaAMU+aHe5cKI2zjG/eRPvVwme8SRg0clPKagdMW/mFwwvOgUxToJVDjn14RMR1W/1Od$XsiU6bNZU1Wei3gXJ4AoBQ== date Mon, 25 Dec 2023 16:42:12 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la6Fd9XK1Fa3H%2BJ%2FTg2Tglo%2FUfDXDrb5jvNhPdVioDLUh%2FYrOtysQtpbhfWCmxVe90XH7Iu4r8DAViY41wyfgrTCw5JXmt7faY%2BFYJb2Tx4XOZVqG6Q8emg0vR0GGTEkBjdjvce4PgMprkvh5D5H1c2v7BMEbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 83b2893198ed3626-FRA alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request index.html Show response landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/	7 KB 5 KB	27ms 27ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b289281cb23647 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf42d3e91161a82d3f1e3c3289f78b29ce52df7106accc799eddd8dde5e14b9d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 83b2893e5a2f3626-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Mon, 25 Dec 2023 16:42:14 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVjI7oCC7D2rvz7MfzrCookU1jQT3pqYQ4DFj4g9lWUA9bUn6oibjiSQliXSb50hC77dtpuXd3AVy7Qo9iRxp1nd%2BoTHICmaefcnjUZAPqss%2BMNTdqTHXwZs8CcnTmOjysk6a4KT9mfxba%2B%2BDVPrpB7CbMyaLA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H3	200	challenges.css landing.favbet.partners/cdn-cgi/styles/	6 KB 3 KB	22ms 22ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/styles/challenges.css Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:14 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Dec 2023 14:09:38 GMT server cloudflare etag W/"6581a422-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 83b2893e8a673626-FRA expires Mon, 25 Dec 2023 18:42:14 GMT
GET H3	200	v1 Show response landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	171 KB 58 KB	29ms 29ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b2893e5a2f3626 Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58b2b85a4183ab6449d0e6fc1d89eccd4c24c7b4a70f7fd50b2e94bd8cafdbd8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268&__cf_chl_rt_tk=ljNAy4aUj6BR.Ap3LrFKSRQGVV0GdnOGLkLDcoyeQlc-1703522534-0-gaNycGzNC-U User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:14 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV5w7m4gz9tlKEUEcTMSdM7QLdBbFA2Fqyza6gG9gDIH4%2BkG0NVEr4yLMSI6mrU1o%2Bt7ZpYp8wjLwZtc7McRLY0Up6I6dCIFCTYu9zGYcdWVil6ERe7vitcw7CRj4fIN7KL0g%2FRd90%2F3VD7MRyP0oX6xQ1pUqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 83b2893eaa9d3626-FRA alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/74bd6362/	34 KB 12 KB	44ms 43ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=AudPIu1&render=explicit Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b2893e5a2f3626 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d Request headers Referer Origin https://landing.favbet.partners accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:14 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 83b2893f2ea73737-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico landing.favbet.partners/	6 KB 6 KB	26ms 25ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://landing.favbet.partners/favicon.ico Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf04ba72d67b8e5f3d7c25c1e1c84a047697191786374b7e52e45fe5ef3cfccf Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers date Mon, 25 Dec 2023 16:42:14 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUKFL7hP630OdfVJbuFBs25KbvX7mnNh8pDuYTbZ6VtH9wVeDC1dzq5UIbR%2B8XBxIQkUAxRlLYtORKb6TehH4yFyTh1VzS8UH6qCWrXQQRog1u32VjZh4woZNkcRUEx6fH3bjXjwgWe6L0I7%2B6kDfEl92vajYg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding origin-agent-cluster ?1 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 83b2893f2b3e3626-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	61a6fa98-2c59-43f2-b3e6-099e929720be https://landing.favbet.partners/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://landing.favbet.partners/61a6fa98-2c59-43f2-b3e6-099e929720be Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language nl-NL,nl;q=0.9 Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	b61522a6046e6af Show response landing.favbet.partners/cdn-cgi/challenge-platform/h/g/flow/ov1/1244773430:1703521418:02CaUMAcJ8tL6a_DheLXZNX_mqAf6EwAl3CdDWICYSs/83b2893e5a2f3626/	13 KB 10 KB	42ms 41ms	XHR text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/flow/ov1/1244773430:1703521418:02CaUMAcJ8tL6a_DheLXZNX_mqAf6EwAl3CdDWICYSs/83b2893e5a2f3626/b61522a6046e6af Requested by Host: landing.favbet.partners URL: https://landing.favbet.partners/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=83b2893e5a2f3626 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4597bc329856074e07a557f265a128faa05329c86e1e08fff206bf1075019a11 Request headers Referer https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 CF-Challenge b61522a6046e6af Content-type application/x-www-form-urlencoded Response headers date Mon, 25 Dec 2023 16:42:14 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWkPWhL1aZBAAqSblzQS17g%2FJAeztXoD50T7Ocx7N8x4AzXmX%2BcRnJ%2BNXqjh8GkfcsDrfVqxlglJlS4Bp3QKIfAR61FHKyqpDRF3rGpvSpz0ZN3p9wTU%2FZTjvhSLzwfVz%2FA8b%2BLwVtAfCgy%2BWc2j7h2ahPZFmA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 83b2893fdc333626-FRA alt-svc h3=":443"; ma=86400 cf-chl-gen yXgIrZtOSOu8WENkTJVT6IhSHXjrgtDe9ZsApPdZFIE356Q9P5BIwLXB2Xfc/rJC$15JC75dgDIGLTXNXUEYdKQ==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/pcfvm/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 2318	0 0	33ms 33ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/pcfvm/0x4AAAAAAADnOjc0PNeA8qVm/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=AudPIu1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 83b289403a1d3aa4-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 16:42:14 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			landing.favbet.partners/	1970-01-20 17:12:06	Name: cf_chl_2 Value: 009c84ae4c1e596
			landing.favbet.partners/	1970-01-20 17:12:06	Name: cf_chl_rc_ni Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://landing.favbet.partners/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://landing.favbet.partners/public/landings/a/6/a68dc97d72f65165e6f42e8ee7617cc9/index.html?redirectUrl=https://tds.favbet.partners/445/152?l=122&utm_source=Propeller&utm_medium=pop_desk&utm_campaign=ro_desk_pop_casino_coala&utm_term=5495268 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://landing.favbet.partners/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
landing.favbet.partners
2606:4700::6811:2b8
2a06:98c1:3121::3
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
4597bc329856074e07a557f265a128faa05329c86e1e08fff206bf1075019a11
494a770dc89848ba68fa927e890b7ba670610ba9258a250b6f50e5d4f431217d
58b2b85a4183ab6449d0e6fc1d89eccd4c24c7b4a70f7fd50b2e94bd8cafdbd8
5a9b1f24aa1d94b20f065a8b0313455f277866060e96151a5b6d8f369cb06227
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8dc2f83e39d3dce48738239a58f3213ae9c29fc296df437605309f0072de889f
bf42d3e91161a82d3f1e3c3289f78b29ce52df7106accc799eddd8dde5e14b9d
ce25af6c87fb51cfce0a8d67c015691a7a2c41a88c62b7c596b9edfe232a1c56
cf04ba72d67b8e5f3d7c25c1e1c84a047697191786374b7e52e45fe5ef3cfccf
edb6dbdf362cf518bbfb559f1ce02bb514b44622ff0587da26d7eb7c14754c51
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d