promo.ka-28022.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://parimatch.com/
Effective URL:
https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match....
Submission: On May 31 via manual (May 31st 2022, 7:32:35 pm UTC) from DE — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 14 domains to perform 63 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.ka-28022.xyz.
TLS certificate: Issued by E1 on April 8th 2022. Valid for: 3 months.

This is the only time promo.ka-28022.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.18.96.26 104.18.96.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6812:c4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
24	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.11.128.204 185.11.128.204	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
5	2606:4700:303... 2606:4700:3037::ac43:aaa0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.23 108.157.4.23	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4014:80f::2014	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	35.156.183.130 35.156.183.130	16509 (AMAZON-02) (AMAZON-02)
4	52.42.97.191 52.42.97.191	16509 (AMAZON-02) (AMAZON-02)
1	212.7.203.129 212.7.203.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.64.79.10 18.64.79.10	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.120 108.157.4.120	16509 (AMAZON-02) (AMAZON-02)
63	17

2 104.18.96.26 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

parimatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:c4b (United States)

ASN13335 (CLOUDFLARENET, US)

td.prism.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

promo.ka-28022.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.11.128.204 (Poland)

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-204.dataspace.pl

gde-default.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::ac43:aaa0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bet.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-23.dus51.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4014:80f::2014 (Ireland)

ASN15169 (GOOGLE, US)

promo-com-304416.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.183.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-183-130.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.42.97.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-97-191.us-west-2.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.7.203.129 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adpool.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-10.txl50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-120.dus51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ka-28022.xyz promo.ka-28022.xyz	253 KB
9	prism.bet td.prism.bet — Cisco Umbrella Rank: 156288	323 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	bet.pm cdn.bet.pm — Cisco Umbrella Rank: 390378	66 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5184	21 KB
4	appspot.com promo-com-304416.appspot.com
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832	67 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7174 api-js.datadome.co — Cisco Umbrella Rank: 7005	43 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	141 KB
2	parimatch.com 2 redirects parimatch.com — Cisco Umbrella Rank: 188520	817 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2056	257 B
1	adpool.bet z.cdn.adpool.bet — Cisco Umbrella Rank: 113941	459 B
1	gemius.pl gde-default.hit.gemius.pl — Cisco Umbrella Rank: 121456	19 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 3786	24 KB
63	14

	Domain	Requested by
24	promo.ka-28022.xyz	td.prism.bet promo.ka-28022.xyz cdn.bet.pm js.datadome.co
9	td.prism.bet	td.prism.bet
6	www.google-analytics.com	www.googletagmanager.com promo.ka-28022.xyz
5	cdn.bet.pm	promo.ka-28022.xyz
4	mpsnare.iesnare.com	promo.ka-28022.xyz mpsnare.iesnare.com
4	promo-com-304416.appspot.com	promo.ka-28022.xyz
2	www.googletagmanager.com	promo.ka-28022.xyz www.googletagmanager.com
2	parimatch.com	2 redirects
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	z.cdn.adpool.bet	promo.ka-28022.xyz
1	api-js.datadome.co	js.datadome.co
1	script.hotjar.com	static.hotjar.com
1	js.datadome.co	td.prism.bet
1	static.hotjar.com	www.googletagmanager.com
1	gde-default.hit.gemius.pl	promo.ka-28022.xyz
1	browser.sentry-cdn.com	td.prism.bet
63	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-25` - `2022-09-24`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.ka-28022.xyz E1	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2023-05-23`	a year	crt.sh
*.cdn.adpool.bet Sectigo RSA Domain Validation Secure Server CA	`2022-04-11` - `2023-04-16`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Frame ID: 139BE2E9469A99FC680BA24A600B5AE3
Requests: 63 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: B2BE4BF29FD500A0DD7C8926DDB4A3F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parimatch. Грають вони – перемагаєш ти!

Page URL History Show full URLs

http://parimatch.com/ HTTP 301
https://parimatch.com/ HTTP 307
https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad Page URL
https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

100 %
HTTPS

41 %
IPv6

14
Domains

17
Subdomains

17
IPs

6
Countries

979 kB
Transfer

2483 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://parimatch.com/ HTTP 301
https://parimatch.com/ HTTP 307
https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad Page URL
https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://parimatch.com/ HTTP 301
https://parimatch.com/ HTTP 307
https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
td.prism.bet/
Redirect Chain

http://parimatch.com/
https://parimatch.com/
https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad

2 KB
2 KB

376ms
321ms

Document
text/html

2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.19
Resource Hash: db415b2df080c8c78139640a4df33f79a2011ac4049468262900262d6dd090c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 714222cb2e112373-ZRH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 19:32:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
hserver: 9
server: cloudflare
x-powered-by: PHP/8.0.19

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 714222ca88ac5b98-FRA
content-length: 0
date: Tue, 31 May 2022 19:32:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 loader_pmc.gif
td.prism.bet/assets/images/pmc/ 250 KB
250 KB 33ms
32ms Image
image/gif 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://td.prism.bet/assets/images/pmc/loader_pmc.gif
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c4234dfc2efb1beb7b1d3214f3260a05bbc8e09e5adb6336bf59ff324a7196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: public
date: Tue, 31 May 2022 19:32:30 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Jul 2020 12:36:27 GMT
server: cloudflare
age: 183098
etag: W/"5f1049cb-3e7f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=864000
hserver: 7
cf-ray: 714222cd29b02373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H2 200 pmc.css
td.prism.bet/assets/css/ 18 KB
3 KB 44ms
44ms Stylesheet
text/css 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/css/pmc.css?d8c4c438fa755e418b118af9c131f6df
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e7568339c5f8010874964d60280b3c61edfb50f695120e6b309cc400b5a241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 729866
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Jul 2020 12:36:27 GMT
server: cloudflare
etag: W/"5f1049cb-4998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=864000
hserver: 5
cf-ray: 714222cd29b12373-ZRH
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/5.25.0/ 77 KB
24 KB 64ms
16ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.25.0/bundle.tracing.min.js

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

88454e7bca1c38b374d60d58449e4e22261366642a8650d8d8edae2c395f2603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://td.prism.bet/
Origin: https://td.prism.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 12:46:34 GMT
server: Fastly
age: 2466991
etag: "67493449368510b48a16561680ffdc2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 24217
expires: Wed, 03 May 2023 06:16:00 GMT

GET
H3 200 jquery-2.1.4.min.js Show response
td.prism.bet/assets/js/vendor/ 82 KB
30 KB 29ms
29ms Script
application/javascript 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/vendor/jquery-2.1.4.min.js
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 728918
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 08 Apr 2020 16:42:48 GMT
server: cloudflare
etag: W/"5e8dff08-14979"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
hserver: 7
cf-ray: 714222cd8a652373-ZRH
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H3 200 mobile-detect.min.js Show response
td.prism.bet/assets/js/vendor/ 38 KB
16 KB 27ms
27ms Script
application/javascript 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/vendor/mobile-detect.min.js
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363a80d367e6658e72d918cd33f9481ce7929199a9858122b0dcc61dffa62fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 172061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 08 Apr 2020 16:42:47 GMT
server: cloudflare
etag: W/"5e8dff07-9624"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
hserver: 6
cf-ray: 714222cd9aa52373-ZRH
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H3 200 utils.js Show response
td.prism.bet/assets/js/includes/ 3 KB
1 KB 37ms
36ms Script
application/javascript 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/includes/utils.js?874ab3789a7e5ea6024622e28f94df60
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c152221128c946d0e005e19ed92049ca42172bd7ff47d041ed3a2f1e4a42087e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 262352
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 13 May 2021 18:10:17 GMT
server: cloudflare
etag: W/"609d6b89-a6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
hserver: 9
cf-ray: 714222cd9ab12373-ZRH
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H3 200 mirrors.js Show response
td.prism.bet/assets/js/includes/ 6 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/includes/mirrors.js?874ab3789a7e5ea6024622e28f94df60
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f499596c929215b05d73dfd34561d067a8dcaa25ce9d9ddb467d5ac9638e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 262352
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 29 Mar 2022 14:52:31 GMT
server: cloudflare
etag: W/"62431d2f-19c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
hserver: 9
cf-ray: 714222cd9ab42373-ZRH
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H3 200 main-custom.js Show response
td.prism.bet/assets/js/ 4 KB
1 KB 37ms
37ms Script
application/javascript 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/main-custom.js?874ab3789a7e5ea6024622e28f94df60
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e904a541a9058b9a99ab2d8315e516b8a044466e2f1ce9b8ee45401499aa953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 262352
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 20 May 2021 10:14:30 GMT
server: cloudflare
etag: W/"60a63686-fe2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
hserver: 9
cf-ray: 714222cd9ab72373-ZRH
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H3 200 PariMatchMedium.woff2
td.prism.bet/assets/fonts/ 17 KB
17 KB 35ms
35ms Font
application/octet-stream 2606:4700::6812:c4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/fonts/PariMatchMedium.woff2
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/assets/css/pmc.css?d8c4c438fa755e418b118af9c131f6df
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bed37030d8974bbaea2f968143a17937afab90bdfde90c6dcc9a483f9741f80

Request headers

Referer: https://td.prism.bet/assets/css/pmc.css?d8c4c438fa755e418b118af9c131f6df
Origin: https://td.prism.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: public
date: Tue, 31 May 2022 19:32:30 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Apr 2020 16:42:47 GMT
server: cloudflare
age: 780043
etag: W/"5e8dff07-43d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=864000
hserver: 5
cf-ray: 714222cdaac12373-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Jun 2022 19:32:30 GMT

GET
H2 200 Primary Request / Show response
promo.ka-28022.xyz/login/uk/ 11 KB
4 KB 399ms
321ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/assets/js/includes/utils.js?874ab3789a7e5ea6024622e28f94df60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f95aecf3ddd0b8017ed2592a17a198b53423258d43fd4f04ee88dcd281ee55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://td.prism.bet/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 714222d12b1141b1-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 19:32:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knuxgixM74omWBv045uhSlNydo57H%2B9yfAnIM9A%2BubCUcA3CIk3b%2F8Ov1BMUSa9umvcA6bCOJqP%2B%2BhmocbrPvMUgUHJ%2FxXWr84tjNLn3Brudj5FtsnBVx3OTSg9Zupco7alkA2FztwiE6CdciynRV%2BQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-datadome: protected

GET
H3 200 bundle.css
promo.ka-28022.xyz/login/public/ 188 KB
32 KB 49ms
28ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/bundle.css?v=34

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b3f282c5d08502bc4dda13893f883f4ac3eb9f057862e66ac0bfd1bd1261127

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Mar 2022 16:24:05 GMT
server: cloudflare
etag: W/"2ef3c-5daf946515340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPmIvbi4XDliyb1kCW0ySXXV3towdhtVBjRovDxkJpJ1TafcIKN%2FpyNzXiu9pHh5PEnngBZ6gqSjOw6UUNSU%2BnOu0EZ4nLVgOwL71T0jJ7M5FJuZaPp9%2FQjmffROWkWH8ID1hzrdZVvA%2FiJvJZVLR9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d35fba68ec-FRA

GET
H3 200 loader.css
promo.ka-28022.xyz/login/public/ 3 KB
1 KB 46ms
27ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/loader.css

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b560fdcdc46218b0ad7b61b67e5b6f0b32e41fc5b25ad1fe1517fece5b330536

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Feb 2021 08:09:56 GMT
server: cloudflare
etag: W/"c93-5bbfc719fbd00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2DteP7o9hZnB%2F0wmaqiDtnkrmMmswxYFA91MBGsagpKWlQenLnF%2Fnec4fMfj88R5n3jF45gYFcSxAjJHt%2Bffaa4pWkFdY4UqfZ6%2F5Chr71m8dMbkBx2AT09z70t53iYKUILQUWS3V%2B7eo77YK7Vr00%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d35fbf68ec-FRA

GET
H2 200 xgde.js Show response
gde-default.hit.gemius.pl/gdejs/ 54 KB
19 KB 127ms
30ms Script
application/x-javascript 185.11.128.204
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.204 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-204.dataspace.pl
Software: GHC /
Resource Hash: 5936dc484b4dd11b16332e579775a6432b4f167b1572896bbbef7b7856cb8002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:31 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 10:54:15 GMT
server: GHC
etag: "621CA9D70000D91280F1178D"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19338
expires: Wed, 01 Jun 2022 19:32:31 GMT

GET
H3 200 pm-logo-new.svg
promo.ka-28022.xyz/login/public/images/ 2 KB
1 KB 34ms
32ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.ka-28022.xyz/login/public/images/pm-logo-new.svg

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39df44e3e08fbf8482d36db9c9b465739f0a4c7070da7d01f256ff22d45d7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Mar 2022 16:44:00 GMT
server: cloudflare
etag: W/"689-5da94f856b400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFWyu2rExQ58EJdhyJzylNWZcOhYoNWveliQ5UarckzFZsiaeG2TC3PlNq9DXE4gQ%2FW6QHXK42mZbypAwZMBP8VZdCjWQ%2FEm3xk0PHzmGP0IKCZbgrEtcPEZ48mYu1ff7ZqJYSy%2BtZKLId9eS%2BOBft0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d46a8168ec-FRA

GET
H3 200 modernizr-custom.js Show response
promo.ka-28022.xyz/login/public/ 3 KB
2 KB 39ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/modernizr-custom.js

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Feb 2021 08:09:56 GMT
server: cloudflare
etag: W/"aa9-5bbfc719fbd00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueLByntM6kwh%2FZTD6qQ%2B2wb63YdbEPMbPU49lnVf2NjoRp2ogDnr8Y8mdvkShRaKs4fmEcoEtz5q8bOQ7C1iiMmHKKo%2B8Pg6tOnMiekIC8%2FF9eQjsHZw7FsDeZ39w%2FLKw2ERflAxL1OXjAjin10fFlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d3a87968ec-FRA

GET
H3 200 vendor.js Show response
promo.ka-28022.xyz/login/public/ 86 KB
32 KB 30ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/vendor.js

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d39235686fca1ddafae3e9b4e201e16666ee7597bb015a90fb09a12da2cb538

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Apr 2021 08:50:33 GMT
server: cloudflare
etag: W/"15990-5c1189690c840-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euBrvWOktE%2Fn2pz%2BdiI9kcK3A5tNXK%2Fjg3rHKqN4avyZSoXjDjHf%2BE1LI4jF6v3vD2VijJwGQl6nNdloTABALMZGGtRJaMTZcg4zhCw8MngtgmrDxhXuCcA8tP954hXegkqjrca4YLS9F7qIEKyhB2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d3e92e68ec-FRA

GET
H3 200 bundle.js Show response
promo.ka-28022.xyz/login/public/ 230 KB
73 KB 35ms
34ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/bundle.js?v=1.03

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

074e3c3953374ab98df5c1f17e7ddd11726ced4424c8872ea6161c5760ae7cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Mar 2022 16:24:05 GMT
server: cloudflare
etag: W/"39688-5daf946515340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHj3xOCknm9sU6PPT2JOVbjkflAXW4StrBzw3v34on56UORSFPZsgNtr1DzbB13OQFs8CgHVhKc0yiVPaJfUGdPOrFrgv%2FaJ8oH2ssppj%2BKifFoTMph9edjHIuH5%2F4wkOSbDRszO9x6v%2BcOOiU9B%2BgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d44a3168ec-FRA

GET
H2 200 phoneMasks.js Show response
cdn.bet.pm/common/js/global-phone-mask/com-with-login/dist/ 120 KB
37 KB 270ms
217ms Script
application/javascript 2606:4700:3037::ac43:aaa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bet.pm/common/js/global-phone-mask/com-with-login/dist/phoneMasks.js?v=1.005
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aaa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995c9a0fb64e38ca9a1f46f09c935118a1345597b001068f0ff9b734452c9f77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Sep 2021 14:33:37 GMT
server: cloudflare
etag: W/"61547941-1debf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJP6JmKEw%2F%2Bta1JXtI5Qt2tuiqQmLPIRz7gl31zV%2Br9aguFzOBu39pNlaHJcpIicbH%2Bp7WWmzPopmqbalQh9tNnreswCe8jaBVo2UEN6kvTZRsbn6XJA55NQgT7ZbFZ0H9EitA62XQDx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 714222d4991583ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 May 2022 19:32:34 GMT

GET
H2 200 password-validation.js Show response
cdn.bet.pm/common/js/global-password-validation/dist/ 76 KB
24 KB 237ms
200ms Script
application/javascript 2606:4700:3037::ac43:aaa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bet.pm/common/js/global-password-validation/dist/password-validation.js?v=1.002
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aaa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aaeeb16fb16de5a8625715693f92ade6c697446926e0ba9fbc074123823c626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 03 May 2022 07:41:50 GMT
server: cloudflare
etag: W/"6270dcbe-131e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WiZJ6lw6pLwdDSJg2xv3%2FrlDfhAoJ%2Fkz7SpEkV8epm%2FEwM2CjKfHE%2BiTjBMWuDCdDkPWcGW4fS5PphWlbcyTo9DIVWufurCUBtzywnPFeVKR%2B2RaNOKhzAMUzX3pU%2FWlfmfupqxqtYX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 714222d4991e83ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 May 2022 19:32:34 GMT

GET
H2 200 auth-helper.js Show response
cdn.bet.pm/common/js/ 8 KB
3 KB 228ms
192ms Script
application/javascript 2606:4700:3037::ac43:aaa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bet.pm/common/js/auth-helper.js
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aaa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc12a331d8a30b47974de089ff3728dfaf1dae22b278957b134b18c6fea90827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Feb 2022 14:06:30 GMT
server: cloudflare
etag: W/"61f93e66-1f2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZDEriWLEZ%2BfpZfQfzc1iJ6hUOxpNwHrfMJzZWdv9LkdKA6QJRRt6ZmK%2FhPftZ%2BTbWsUbHAkcdEoisL7oQ9dCfcH6MWuNXYQezl3s5jXKU8%2FSUQ4VR33R10yVkkzCBq%2Fw3Ja360FCXL%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 714222d4992283ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 May 2022 19:32:34 GMT

GET
H2 200 links.js Show response
cdn.bet.pm/common/js/ 2 KB
1 KB 250ms
215ms Script
application/javascript 2606:4700:3037::ac43:aaa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bet.pm/common/js/links.js?v=2
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aaa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 810017eee83cd86af76e26ef35f74ea5be843d1ad7c31891fe50f94a1cc5124d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jul 2021 10:18:40 GMT
server: cloudflare
etag: W/"60eeba00-89c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brCN3tHLr0kXzeZI8RKTQxZ2aFsBclAyAoq3fBMnX6AAQ0ZfsjBHy15Hwdm%2Bm7Hfpc2aUZ%2FJVheWOZDod92699ajLqlEjstafmMq473OUuGVg8L0FwUzeldlBDBYFKOur4LNgCDw3adA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 714222d4992683ac-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 May 2022 19:32:34 GMT

GET
H3 200 framework.min.js Show response
promo.ka-28022.xyz/mtapi/js/build/ 35 KB
9 KB 131ms
128ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/mtapi/js/build/framework.min.js?v=1.0.2

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e5d804e5d9f71a2904ef72a45232b267d54421536981f1ed8fc5019c66a356

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 13:48:10 GMT
server: cloudflare
etag: W/"6290d69a-8cd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgFyQoWBv8MtdNh7MQtQk2ZWNid4YYy1AxrcKWCWSDwhKNbcuR%2F9lHpyXw%2BJOsHewfVdkAqaUB%2BU4IDw4kccuieZf%2FKI1%2FIrGTLs%2FBSc1nqfvi%2B6x%2FZk5EgHx8WmG5kkoxduoxuGnGkUSwQH4u51Rm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d46a7e68ec-FRA
expires: Tue, 31 May 2022 19:32:34 GMT

GET
H3 200 forms.js Show response
promo.ka-28022.xyz/login/public/js/ 4 KB
2 KB 40ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/js/forms.js?v=1.01

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f986dcb70838b5aeeb4c562746bbacb3c83ed32bf4bebbe8b01ae57ecd92d00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3943
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Mar 2022 18:44:07 GMT
server: cloudflare
etag: W/"109b-5da96a5e8cbc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgoq1fFG8OvL7vJAVY%2B%2Fu8upTwhhpD4VdHP7bJkKegxLRHImrQB9ZJ5dwTFS0Y%2Fav0si%2Bp18SbW9Xvcvvei3pl0DJB%2F1snaLq06DHPNWJA%2B%2BgF65cWGae73nPzLIwr8SLO750WtMD71%2FbIE6fonANNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d46a8468ec-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
74 KB 41ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHQX8JG

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e562aa116253042855ef6fd941a29b35c507e19f14f9957fcc10f75d1ea3992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74915
x-xss-protection: 0
last-modified: Tue, 31 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 May 2022 19:32:32 GMT

GET
H3 200 Gilroy-Regular-2360bce57102a1f6d7e8ed86a3e8242b.woff2
promo.ka-28022.xyz/login/public/fonts/ 27 KB
28 KB 28ms
28ms Font
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/fonts/Gilroy-Regular-2360bce57102a1f6d7e8ed86a3e8242b.woff2

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/public/bundle.css?v=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8540eccf3985e2187361d6f782a9ba554f7e03bb79a0bee55a40173ddb4dfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.ka-28022.xyz/login/public/bundle.css?v=34
Origin: https://promo.ka-28022.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27728
last-modified: Sat, 19 Mar 2022 17:39:10 GMT
server: cloudflare
etag: "6c50-5da95bda14b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgKsEvom2mxpz4WrEBU7V6i62Ej4%2BbUull47ElQqlHfSqUKJt%2BcOrLon8F%2FndADP86y3Nt2IWXUB1z1r4pyOyQczcwBcF5VLXxy2O6BPI5AktvXwncLoCTWzoMqyCvRk04OGh%2FXmRZ0zaZ19HIFmOCY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714222d47a9668ec-FRA

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65abbf6ebe44e9d99a2a47b006a99774423a1f08e760faf2ea6aedfa0441d176

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Gilroy-Bold-e7a35b1551191672a37e5d4cf0628848.woff2
promo.ka-28022.xyz/login/public/fonts/ 28 KB
29 KB 42ms
41ms Font
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/fonts/Gilroy-Bold-e7a35b1551191672a37e5d4cf0628848.woff2

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/public/bundle.css?v=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4610ce8d8b2b706779f18c3af444b29747a8a778621f69ddda46720b5a8e1023

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.ka-28022.xyz/login/public/bundle.css?v=34
Origin: https://promo.ka-28022.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3617
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28952
last-modified: Sat, 19 Mar 2022 17:39:10 GMT
server: cloudflare
etag: "7118-5da95bda14b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebkIdNSsDfoZFbrBQd8K93RLjM7z20C9pPluxi%2FowLp3KRexZOFxFwdHIo07xe7e6loK9F3qmEKrMKkdrKIzfp0PtHvH8%2BPZacRLSyoRBA1E5r%2FZhnYbBxFEVTNA%2F3drEvSicc%2FIS9yb2%2FldjXMXOI8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714222d47a9e68ec-FRA

GET
H3 200 icomoon-81b14ef7be15db54463f6ba950de9e8d.ttf
promo.ka-28022.xyz/login/public/fonts/ 6 KB
5 KB 42ms
42ms Font
application/font-sfnt 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/login/public/fonts/icomoon-81b14ef7be15db54463f6ba950de9e8d.ttf

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/public/bundle.css?v=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0810bb9c20c37cbd78b6e99bdfd42af280d57a790ac733ea69ed5a381d680ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.ka-28022.xyz/login/public/bundle.css?v=34
Origin: https://promo.ka-28022.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3617
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Mar 2022 17:39:10 GMT
server: cloudflare
etag: W/"19a8-5da95bda14b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJEVhyy4H1x%2BdWbId5T1xgPAK80W2LtcJelKdOFacsw25zBneKXoFdYeyKsSPEHoHplvS4iM%2BWu5j8xNEAG26m%2BlJ23absGpJE6gyQnyBhGOKE4paL7fXVPMOwTr9m9cG5NWLBK%2Fyv%2FvwSfW7KOoShs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d47aa068ec-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 32ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W84Q4D7X4F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHQX8JG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

539732bc4d3b34b90d0b4f16c2c42823a8a00db470410c816d33db184f124890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69207
x-xss-protection: 0
expires: Tue, 31 May 2022 19:32:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHQX8JG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4404
date: Tue, 31 May 2022 18:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 31 May 2022 20:19:08 GMT

GET
H2 200 hotjar-1787775.js Show response
static.hotjar.com/c/ 4 KB
2 KB 47ms
7ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1787775.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHQX8JG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

82db188d399fbb47b86a09d56032a08c366e24af769a205270bc8cdb4ca5fe6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 24
etag: W/d7b379af65acf9b3df9ba05c6ec8b66c
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: ANk2rxJ79nhP_kFlHT3G0Zgu9n0tavd5yWBt4Ajtxz1aOLxotMUhkg==
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)

GET
H2 200 tags.js Show response
js.datadome.co/ 206 KB
42 KB 41ms
10ms Script
text/javascript 108.157.4.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-23.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

11f7c2fa09c39674412328f8b98aa04140024cbe4e0ddd9f1ee6ed40ca6d3da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:40:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3144
x-cache: Hit from cloudfront
content-length: 42643
access-control-allow-origin: *
last-modified: Mon, 30 May 2022 12:39:53 GMT
server: Apache
etag: "33804-5e039f3e72633-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: EdBt_rLyvJs8171Ynhx3rGUl0zxayBPR8zV_3l3ZgEQ7B2A8egcUVA==
expires: Tue, 31 May 2022 19:40:08 GMT

GET
H2 404 collect
promo-com-304416.appspot.com/ 0
0 143ms
48ms Image
text/html 2a00:1450:4014:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1742733848&gjid=1949754406&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&_r=1&gtm=2wg5p1WHQX8JG&cd4=2022-05-31T19%3A32%3A32.136%2B00%3A00&cd22=1654025552136&z=1305289442&cd2=349487182.1654025552
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4014:80f::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=5868784&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1742733848&gjid=1949754406&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&_r=1&gtm=2wg5p1WHQX8JG&cd4=2022-05-31T19%3A32%3A32.136%2B00%3A00&cd22=1654025552136&z=1305289442&cd2=349487182.1654025552

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 20:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81852
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W84Q4D7X4F&gtm=2oe5p1&_p=5868784&_z=ccd.tdB&cid=349487182.1654025552&ul=en-us&sr=1600x1200&_s=1&sid=1654025552&sct=1&seg=0&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&en=page_view&_fv=1&_ss=2&ep.clientId=&epn.timestamp=1654025552133&up.clientId=&up.hit_timestamp=2022-05-31T19%3A32%3A32.133%2B00%3A00
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W84Q4D7X4F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:32:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.ka-28022.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.d0961e771164cd91e405.js Show response
script.hotjar.com/ 243 KB
63 KB 38ms
7ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0961e771164cd91e405.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1787775.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43106
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64057
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 07:33:23 GMT
etag: "1ed5739adb19197da798013ab080794d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pFB_flKR8Szk_gE0W5SIVrItIdLLVEsb4VpO03b_q34oZaAhPajVXg==

POST
H2 200 / Show response
api-js.datadome.co/js/ 232 B
410 B 55ms
11ms XHR
application/json 35.156.183.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.183.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-183-130.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 4ef17b1f39a0aee1a5be6fae296b38746d78e693412cb26fd3a756a19e182a14

Request headers

Referer: https://promo.ka-28022.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:32:32 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
expires: 0

GET
H3 200 / Show response
promo.ka-28022.xyz/forms/masks/ 21 KB
5 KB 252ms
252ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/forms/masks/?brand=com

Requested by

Host: cdn.bet.pm
URL: https://cdn.bet.pm/common/js/global-phone-mask/com-with-login/dist/phoneMasks.js?v=1.005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e441abd2a5036fa4724a5093ec4c5f2228f063be5f0073878b3339942ebf911

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BHpoJxVVViOrnhY61q0ijhPZJyeGyxwCAohFGqN8Euq5lXo0a5SggeThtFvqy%2F%2BHvSf3K3vZTpZjVql8UxbeZVJJP04zLLhEPDaiL4UReHEmCtdgVEeA8zNuciyiAYApbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 714222d62f2a68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ts.php Show response
promo.ka-28022.xyz/mtapi/io/v2/api/ 27 B
562 B 201ms
201ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/mtapi/io/v2/api/ts.php

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c04dd59e5f97cb8077fdeca29836546874a74a476a5dd4a4ce9befc66f1af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nV14%2FokouzwR9gJLHJHlk9ETND6IdTqmerjS4kAY0EzcrYtww4DxzU6BX%2FuU7o8SGmt1IUfPYwfq78xR%2FfcbcN6%2BqxqX580Z6xza9%2Fbo6hHQufCMh1VuIyJoIdObZTYd8NddWdYdT%2BNLAu5N1Fnc%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store
hserver: 8
cf-ray: 714222d62f3068ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

GET
H3 200 static_wdp.js Show response
promo.ka-28022.xyz/iojs/general5/ 39 KB
17 KB 375ms
375ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/mtapi/js/build/framework.min.js?v=1.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40310d0d67284fe114b30be52ae10dddac01fa243da60254ee9533a385bc3948

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NON DSP COR CURa"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 May 2014 00:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEE0xIcN5YEQLNsOefIUEiXRZBc7sLIlgHxbtobVF53H7CmgQE6CGhHOBHmxeem6s0smG8ZdwQGLk3z8cY8xVznMHYmUZ3XV4LpE%2FeA9k8Zl11qUv3OyquVKXM9ABwKDvbL2JHUDie4xGInXxz48bps%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding
cache-control: private
cf-ray: 714222d62f3968ec-FRA
expires: Thu, 30 Jun 2022 19:32:32 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 41 KB
19 KB 816ms
317ms Script
text/javascript 52.42.97.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/mtapi/js/build/framework.min.js?v=1.0.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.97.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-97-191.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d26608768b753529095f2e2196e935c23e1c52e39ccee880e6d82bba8031594c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 19:32:32 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H3 200 io.js Show response
promo.ka-28022.xyz/api/io/static/ 6 KB
3 KB 37ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/api/io/static/io.js

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

286396cfeb46fc8d7749a8f8124177213e87610e47b8f06668fb4c4a0ac5bd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4401
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Mar 2021 11:36:47 GMT
server: cloudflare
etag: W/"1922-5bca04421b5cd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lr9pqqxVkBaCY2XUeAMe3O4gl6OG70XCC5O5oITuaGH0812z2czUWuCkMLdYOlzENICVobSp0hReXErZkQEceLlokBxJTXLbLxejBOeuSOh7H9OnAVwuS5C7aj%2BDqDbXRLoTJC9kwcnKRafmjfilAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d64f9968ec-FRA

GET
H3 200 adp.js Show response
promo.ka-28022.xyz/api/adpool/static/ 5 KB
2 KB 29ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/api/adpool/static/adp.js

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/?tid=pr_a9b2_UA_Players_abroad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98ca1035241a70724efaeefda944cda26c94e6ab08b32b3aea173abb0eeae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Nov 2020 10:49:36 GMT
server: cloudflare
etag: W/"5fb4fc40-14a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9rSgCrHQUof52xF7d0srUyFijIll7SCED7B06jpjlKJd2UQMwPJj3Vx3q%2FCBYXyzeTJfE3v2Mmd5VJMUIu%2Ffbm16W32T7tAz0%2BYn%2BFtZfYi2R1%2F4Q21EF56e1M%2FbB%2ByRlUJ9o1sAoRk7QEmaWVLCRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 714222d64fa168ec-FRA

GET
H/1.1 200
OK au Show response
z.cdn.adpool.bet/ 35 B
459 B 75ms
23ms Script
application/javascript 212.7.203.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.adpool.bet/au?a=19&&sr=1600x1200&pl=3&mi=4&me=8&hc=4&vc=Intel%20Iris%20OpenGL%20Engine
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/api/adpool/static/adp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.7.203.129 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2ed7f6eafe9c597d5f40f76c6ea13293db1d0096112f4f6154aa8c8c88fd3cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:32:32 GMT
Server: nginx
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 35
P3P: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame B2BE 2 KB
1 KB 74ms
19ms Document
text/html 18.64.79.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1787775.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-10.txl50.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://promo.ka-28022.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43106
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 56d45ca72c110eb4c3736727b5f5040a.cloudfront.net (CloudFront)
x-amz-cf-id: l8JPGwOtj19yt1aPwAFX2YU6bIK-cRNZdGaVuCU-AA0htPBNe1ewnA==
x-amz-cf-pop: TXL50-P2
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 handler.php Show response
promo.ka-28022.xyz/api/adpool/collect/ 0
551 B 70ms
69ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/api/adpool/collect/handler.php

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/api/adpool/static/adp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pzt8qFk4KHHqB3exZoS6iIC8seLSLdfoVhLtLBWm6gShbpjFFbYaRmoyc8tM%2BBrGraZz15ZsBB2bmic1pauVRnEer3g9j8KdN%2BDWilWQp2NeJrZ3f5GAm6Gfr7IJu8coiVBW7GkilxgoVN0zIsR7vPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 714222d73a7b68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 1787775 Show response
vc.hotjar.io/sessions/ 0
257 B 79ms
34ms XHR
text/plain 108.157.4.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1787775?s=0.25&r=0.23868239338970487
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0961e771164cd91e405.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-120.dus51.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: T4RO4XdaSq1xxVDPPUccTO1iKyQo30oxhv_wDTAZqdTRto-y04UtCA==

GET
H3 200 get_country.php Show response
promo.ka-28022.xyz/ 2 B
546 B 62ms
61ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/get_country.php?v=1654025552629c74845f775048

Requested by

Host: cdn.bet.pm
URL: https://cdn.bet.pm/common/js/global-phone-mask/com-with-login/dist/phoneMasks.js?v=1.005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy8j2Fh455OoXaQ843E65zL8sgSFthxMVA%2FqqHPc4cvWPQgd779QhVG0%2BDD2xcf9qoM4ow7otJUNfBrpPMFsmuJH%2Bsv6VH2BRptPqrHySAoBBmuWXGdEWfVMpzG%2B0a9Q3wDSZWf6OILUVEAkmYQrMZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 714222d80cbc68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 get_country.php Show response
promo.ka-28022.xyz/ 2 B
543 B 77ms
76ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/get_country.php?v=16540255526368a0bb6e0b3883

Requested by

Host: cdn.bet.pm
URL: https://cdn.bet.pm/common/js/global-phone-mask/com-with-login/dist/phoneMasks.js?v=1.005

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu9EPgm0V0139yDw9LCLGlyHURjWrjWNlyDyLJy1MTgPVZP1yxoUhvkeL6gWvNaYJdEPNF4WzaDWNBw5WkepwF1FT2E19EMLPgX6XKMBj9Hb4GJCKU6zjvk0uNRBBNelbChN11BNSM9GfDDpihmXr7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 714222d81cd968ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ua.svg
cdn.bet.pm/common/js/global-phone-mask/by/dist/flags/ 177 B
706 B 78ms
47ms Image
image/svg+xml 2606:4700:3037::ac43:aaa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bet.pm/common/js/global-phone-mask/by/dist/flags/ua.svg
Requested by: Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:aaa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfe3adcf00ed2513f8ae3a6f484c71c73cbd4723fdd6095fbe996af47988f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Apr 2021 10:47:29 GMT
server: cloudflare
age: 3954
etag: W/"60893d41-b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moPbJO39wzDyNAVSo8tr5PwDii%2B4F5J8Vk6bf5vzSfDOoUrzPbbNqH6sDjXJFxUf27Acly0RWMe%2FtCPjSjMrOgeDEi4BREXCMyI0ASCyM9pplJOQK7A3fn%2BXKK2Fe1q4JwevD9%2FwGldV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 714222d8c8417359-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dyn_wdp.js Show response
promo.ka-28022.xyz/iojs/5.5.0/ 2 KB
2 KB 276ms
276ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/mtapi/js/build/framework.min.js?v=1.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad416781dcdca16385142455943e9179a4aca75b22646a6f669ff0e6f05166c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NON DSP COR CURa"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg%2FEHXedlQOUY0L6IvdM5sG8fR0MOty1WuUjalgEslIoKp%2FL2EX9yksEK9sKvtCCx%2BacGRapslRMG7BBTeqZeEzaeMzVVyuieeo9jrRaJseq9kHVQQmW0ppRUbSs2SxXTEGyjonfGr7X1PO5VMMLerg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding
cache-control: no-cache, private
cf-ray: 714222d8be8168ec-FRA
expires: 0

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 442ms
160ms Media
audio/mpeg 52.42.97.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.31734849349247196

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.97.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-97-191.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f46c831430cdb1d6885b0897ef4b16f41e5227bb5df2226cb21248ded460a2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://promo.ka-28022.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Tue, 31 May 2022 19:32:33 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 logo.js Show response
promo.ka-28022.xyz/iojs/5.5.0/ 505 B
1 KB 276ms
276ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/iojs/5.5.0/logo.js

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a6b7114464e8aad5e4fa850b579534fcd9ea9ccbb9723dfa9f7d9ca5944feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NON DSP COR CURa"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 May 2014 00:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vs%2BXA7dcXbCCTjKz%2F1t1132dsxtqejgZucNqR4pOWTwiat%2Bv2x1WY9nZ%2Bhj1bvx6q5lwnBx%2FY%2Fsu1LHzQVz1Q5bKrKdsvs0CRNBD%2B24eXxBwQFfWH3HE2Ith6lclyDWHw%2BTwnykH9gZVipt3e627beE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding
cache-control: private
cf-ray: 714222da6aca68ec-FRA
expires: Wed, 31 May 2023 19:32:33 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.5.0/ 505 B
924 B 304ms
158ms Script
text/javascript 52.42.97.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.5.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.97.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-97-191.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f0546642632b3e8b0c525f3ff5e538d6506cc0f7ee79a54f442feb5cf5744c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:32:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Wed, 31 May 2023 19:32:33 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 320ms
159ms Media
audio/mpeg 52.42.97.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.6319718401206034

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.97.191 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-97-191.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f46c831430cdb1d6885b0897ef4b16f41e5227bb5df2226cb21248ded460a2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://promo.ka-28022.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Tue, 31 May 2022 19:32:33 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 404 collect
promo-com-304416.appspot.com/ 0
0 103ms
48ms Image
text/html 2a00:1450:4014:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553521&cd4=2022-05-31T19%3A32%3A33.521%2B00%3A00&cd22=1654025553521&z=340488585&cd2=349487182.1654025552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553521&cd4=2022-05-31T19%3A32%3A33.521%2B00%3A00&cd22=1654025553521&z=340488585&cd2=349487182.1654025552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 20:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81853
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 404 collect
promo-com-304416.appspot.com/ 0
0 106ms
51ms Image
text/html 2a00:1450:4014:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553529&cd4=2022-05-31T19%3A32%3A33.529%2B00%3A00&cd22=1654025553529&z=837756486&cd2=349487182.1654025552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553529&cd4=2022-05-31T19%3A32%3A33.529%2B00%3A00&cd22=1654025553529&z=837756486&cd2=349487182.1654025552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 20:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81853
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 404 collect
promo-com-304416.appspot.com/ 0
0 107ms
53ms Image
text/html 2a00:1450:4014:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=100%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553535&cd4=2022-05-31T19%3A32%3A33.535%2B00%3A00&cd22=1654025553535&z=217882595&cd2=349487182.1654025552
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4014:80f::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=100%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553535&cd4=2022-05-31T19%3A32%3A33.535%2B00%3A00&cd22=1654025553535&z=217882595&cd2=349487182.1654025552

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.ka-28022.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 20:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81853
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 handler.php Show response
promo.ka-28022.xyz/mtapi/io/v2/collect/ 90 B
607 B 164ms
164ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/mtapi/io/v2/collect/handler.php

Requested by

Host: promo.ka-28022.xyz
URL: https://promo.ka-28022.xyz/mtapi/js/build/framework.min.js?v=1.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de5e45bd32bdcdf51a41a9fdeaa03a6f6f2bd2549b1900c57d28c9cefa90c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 31 May 2022 19:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChfYhvbkUpY%2B1Fo6WrvacGDOmwtcP%2FdX22pM7ig1GEJVBvEG9nKXf29uz6hjnNu%2BqsI2eb1kbfrFAig7ZvlqS4azEwiBpfGWtRG0rJaLKHhWPXYSZoQw2y%2FwdhJt2Og%2FyOBB%2FPdmzA5wGAfYAN0yIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
hserver: 8
cf-ray: 714222e2282d68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 404 marketing-metadata Show response
promo.ka-28022.xyz/api/v1/ 308 B
780 B 57ms
56ms Fetch
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.ka-28022.xyz/api/v1/marketing-metadata

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67764f007da3218284ead7ce3fd155ca7fe6b928eaab72c4af097d267fc7c77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 19:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNd8BTcEhGADTuSP3voz95zYDvTRo%2BjUnBpYdT0HLuF5sBSjNz5AxLJqsUmktCVq1Cm3PI4Jxo7EcFSELPeDfZOACIJzlyUs90%2F3EX22kCgBVXatir%2B7getAxjct1KvoMlCOfpYCrD%2FSG1iNRocV%2FEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 714222e33a9b68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
promo.ka-28022.xyz/login	1969-12-31 23:59:59	Name: i18n_locale Value: uk
.parimatch.com/	1969-12-31 23:59:59	Name: __cfruid Value: 45e36fb642fe08b4ce93dd307bac6e157d8ed8e8-1654025550
td.prism.bet/	1970-01-20 05:36:41	Name: td_uuid_monitoringua_players_abroad Value: 715d2dce-6a51-432d-9811-f5c66e207b86
td.prism.bet/	1970-01-20 03:28:28	Name: __cflb Value: 02DiuDiF1DRzPgdfbWHiN9tdnKyr3TZ7metX5A1NskBcx
promo.ka-28022.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 69bvhu06scblilje7upchjr6e6
.ka-28022.xyz/	1970-01-20 03:28:31	Name: _gid Value: GA1.2.1666545896.1654025552
.ka-28022.xyz/	1970-01-20 03:27:05	Name: _gat_UA-85204139-17 Value: 1
.ka-28022.xyz/	1970-01-20 20:58:17	Name: _ga_W84Q4D7X4F Value: GS1.1.1654025552.1.0.1654025552.0
.ka-28022.xyz/	1970-01-20 12:12:41	Name: datadome Value: X5fm.LjcJiJJ8LtMmLngKVYPQPdTi_OwTRVV_qQaucY2T9o7Hg~SCQtqYITLcEFsJ1fZsSqMV0dCAnUKUoPiSfOEjQZ6hjH5az-5XSmOe4fdEwkQ.~ZveyOKNMZd3SF
.ka-28022.xyz/	1970-01-20 03:28:31	Name: browsing_mode Value: general
.cdn.adpool.bet/	1970-01-24 12:37:15	Name: AU Value: 1b10dae4640a32aa
.ka-28022.xyz/	1970-01-20 12:12:41	Name: _hjSessionUser_1787775 Value: eyJpZCI6ImQ5NzNjOWQxLTc3ZmYtNWE2Yi1iY2Y5LWUxMjc2MzZmZWJiZiIsImNyZWF0ZWQiOjE2NTQwMjU1NTIzMDEsImV4aXN0aW5nIjpmYWxzZX0=
.ka-28022.xyz/	1970-01-20 03:27:07	Name: _hjFirstSeen Value: 1
promo.ka-28022.xyz/	1970-01-20 03:27:05	Name: _hjIncludedInSessionSample Value: 0
.ka-28022.xyz/	1970-01-20 03:27:07	Name: _hjSession_1787775 Value: eyJpZCI6IjNiNzQzNWE0LTFjZjEtNDM3ZC04Y2Q0LTZlMjgxMjcxODRmMSIsImNyZWF0ZWQiOjE2NTQwMjU1NTI1MzYsImluU2FtcGxlIjpmYWxzZX0=
.ka-28022.xyz/	1970-01-20 03:27:07	Name: _hjAbsoluteSessionInProgress Value: 1
.ka-28022.xyz/	1970-01-20 03:31:24	Name: org Value: search
.ka-28022.xyz/	1970-01-20 03:31:24	Name: org_t Value: 1654025552497
.ka-28022.xyz/	1970-01-20 03:47:15	Name: pr_tid Value: pr_a9b2_UA_Players_abroad
.ka-28022.xyz/	1970-01-20 03:47:15	Name: pr_brand_domain Value: DE+/+COM+/+P+/+promo.pari-match.com
.ka-28022.xyz/	1970-01-20 03:47:15	Name: pr_landing_path Value: /login/uk/
.ka-28022.xyz/	1970-01-20 03:47:15	Name: sourceUrl Value: https://td.prism.bet/
.ka-28022.xyz/	1970-01-20 03:47:15	Name: registerUrl Value: https://promo.ka-28022.xyz/login/uk/?tid=pr_a9b2_UA_Players_abroad&brand_id=65&brand=DE+%2F+COM+%2F+P+%2F+promo.pari-match.com&landing_path=%2Flogin%2Fuk%2F
.ka-28022.xyz/	1970-01-20 12:12:41	Name: dhash Value: 41866e9f-941e-4ff3-ab8c-f005b361e619
promo.ka-28022.xyz/	1969-12-31 23:59:59	Name: SRVNAME Value: ws1
promo.ka-28022.xyz/	1970-01-20 12:12:41	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: oOyNPvN0FsOqvFrFSajBBghcijsTl2NWk0cJP1Ldg2Y=
mpsnare.iesnare.com/	1970-01-20 12:12:41	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: PfDPlzCWEOW8so9q68D8iUH+F0dYLNK9bb8Qk++0KBw=
.ka-28022.xyz/	1970-01-20 20:58:17	Name: _ga Value: GA1.2.349487182.1654025552
.ka-28022.xyz/	1969-12-31 23:59:59	Name: iohash Value: 1b54eed58cad245746dd16fe553f01170ece1a977eed945e3dba0e085274de47

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1742733848&gjid=1949754406&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&_r=1&gtm=2wg5p1WHQX8JG&cd4=2022-05-31T19%3A32%3A32.136%2B00%3A00&cd22=1654025552136&z=1305289442&cd2=349487182.1654025552 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553521&cd4=2022-05-31T19%3A32%3A33.521%2B00%3A00&cd22=1654025553521&z=340488585&cd2=349487182.1654025552 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553529&cd4=2022-05-31T19%3A32%3A33.529%2B00%3A00&cd22=1654025553529&z=837756486&cd2=349487182.1654025552 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promo-com-304416.appspot.com/collect?v=1&_v=j96&a=5868784&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo.ka-28022.xyz%2Flogin%2Fuk%2F%3Ftid%3Dpr_a9b2_UA_Players_abroad%26brand_id%3D65%26brand%3DDE%2B%252F%2BCOM%2B%252F%2BP%2B%252F%2Bpromo.pari-match.com%26landing_path%3D%252Flogin%252Fuk%252F&dr=https%3A%2F%2Ftd.prism.bet%2F&ul=en-us&de=UTF-8&dt=Parimatch.%20%D0%93%D1%80%D0%B0%D1%8E%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BD%D0%B8%20%E2%80%93%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BC%D0%B0%D0%B3%D0%B0%D1%94%D1%88%20%D1%82%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Deph&ea=100%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=349487182.1654025552&tid=UA-85204139-17&_gid=1666545896.1654025552&gtm=2wg5p1WHQX8JG&cd2=349487182.1654025552&cd3=349487182.1654025552_1654025553535&cd4=2022-05-31T19%3A32%3A33.535%2B00%3A00&cd22=1654025553535&z=217882595&cd2=349487182.1654025552 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promo.ka-28022.xyz/api/v1/marketing-metadata Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
browser.sentry-cdn.com
cdn.bet.pm
gde-default.hit.gemius.pl
js.datadome.co
mpsnare.iesnare.com
parimatch.com
promo-com-304416.appspot.com
promo.ka-28022.xyz
script.hotjar.com
static.hotjar.com
td.prism.bet
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.googletagmanager.com
z.cdn.adpool.bet
104.18.96.26
108.157.4.120
108.157.4.23
18.64.79.10
18.66.97.49
185.11.128.204
212.7.203.129
2606:4700:3037::ac43:aaa0
2606:4700::6812:c4b
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2008
2a00:1450:4014:80f::2014
2a04:4e42:600::729
2a06:98c1:3121::3
35.156.183.130
52.222.236.63
52.42.97.191
074e3c3953374ab98df5c1f17e7ddd11726ced4424c8872ea6161c5760ae7cb3
0810bb9c20c37cbd78b6e99bdfd42af280d57a790ac733ea69ed5a381d680ef8
0b3f282c5d08502bc4dda13893f883f4ac3eb9f057862e66ac0bfd1bd1261127
0e904a541a9058b9a99ab2d8315e516b8a044466e2f1ce9b8ee45401499aa953
11f7c2fa09c39674412328f8b98aa04140024cbe4e0ddd9f1ee6ed40ca6d3da4
286396cfeb46fc8d7749a8f8124177213e87610e47b8f06668fb4c4a0ac5bd6a
2bed37030d8974bbaea2f968143a17937afab90bdfde90c6dcc9a483f9741f80
2ed7f6eafe9c597d5f40f76c6ea13293db1d0096112f4f6154aa8c8c88fd3cca
2f95aecf3ddd0b8017ed2592a17a198b53423258d43fd4f04ee88dcd281ee55e
363a80d367e6658e72d918cd33f9481ce7929199a9858122b0dcc61dffa62fde
3de5e45bd32bdcdf51a41a9fdeaa03a6f6f2bd2549b1900c57d28c9cefa90c85
3e562aa116253042855ef6fd941a29b35c507e19f14f9957fcc10f75d1ea3992
40310d0d67284fe114b30be52ae10dddac01fa243da60254ee9533a385bc3948
42a6b7114464e8aad5e4fa850b579534fcd9ea9ccbb9723dfa9f7d9ca5944feb
4610ce8d8b2b706779f18c3af444b29747a8a778621f69ddda46720b5a8e1023
4ef17b1f39a0aee1a5be6fae296b38746d78e693412cb26fd3a756a19e182a14
539732bc4d3b34b90d0b4f16c2c42823a8a00db470410c816d33db184f124890
5936dc484b4dd11b16332e579775a6432b4f167b1572896bbbef7b7856cb8002
5d39235686fca1ddafae3e9b4e201e16666ee7597bb015a90fb09a12da2cb538
65abbf6ebe44e9d99a2a47b006a99774423a1f08e760faf2ea6aedfa0441d176
67764f007da3218284ead7ce3fd155ca7fe6b928eaab72c4af097d267fc7c77b
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
810017eee83cd86af76e26ef35f74ea5be843d1ad7c31891fe50f94a1cc5124d
82db188d399fbb47b86a09d56032a08c366e24af769a205270bc8cdb4ca5fe6a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
87e5d804e5d9f71a2904ef72a45232b267d54421536981f1ed8fc5019c66a356
88454e7bca1c38b374d60d58449e4e22261366642a8650d8d8edae2c395f2603
8aaeeb16fb16de5a8625715693f92ade6c697446926e0ba9fbc074123823c626
995c9a0fb64e38ca9a1f46f09c935118a1345597b001068f0ff9b734452c9f77
9e441abd2a5036fa4724a5093ec4c5f2228f063be5f0073878b3339942ebf911
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a39df44e3e08fbf8482d36db9c9b465739f0a4c7070da7d01f256ff22d45d7b9
ad416781dcdca16385142455943e9179a4aca75b22646a6f669ff0e6f05166c5
b2c04dd59e5f97cb8077fdeca29836546874a74a476a5dd4a4ce9befc66f1af3
b560fdcdc46218b0ad7b61b67e5b6f0b32e41fc5b25ad1fe1517fece5b330536
b5e7568339c5f8010874964d60280b3c61edfb50f695120e6b309cc400b5a241
b98ca1035241a70724efaeefda944cda26c94e6ab08b32b3aea173abb0eeae82
bc12a331d8a30b47974de089ff3728dfaf1dae22b278957b134b18c6fea90827
c152221128c946d0e005e19ed92049ca42172bd7ff47d041ed3a2f1e4a42087e
d26608768b753529095f2e2196e935c23e1c52e39ccee880e6d82bba8031594c
db415b2df080c8c78139640a4df33f79a2011ac4049468262900262d6dd090c8
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
e1f499596c929215b05d73dfd34561d067a8dcaa25ce9d9ddb467d5ac9638e6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0546642632b3e8b0c525f3ff5e538d6506cc0f7ee79a54f442feb5cf5744c92
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f1c4234dfc2efb1beb7b1d3214f3260a05bbc8e09e5adb6336bf59ff324a7196
f46c831430cdb1d6885b0897ef4b16f41e5227bb5df2226cb21248ded460a2cf
f8540eccf3985e2187361d6f782a9ba554f7e03bb79a0bee55a40173ddb4dfee
f986dcb70838b5aeeb4c562746bbacb3c83ed32bf4bebbe8b01ae57ecd92d00e
fbfe3adcf00ed2513f8ae3a6f484c71c73cbd4723fdd6095fbe996af47988f1c

promo.ka-28022.xyz Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

41 %IPv6

14 Domains

17 Subdomains

17 IPs

6 Countries

979 kBTransfer

2483 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.ka-28022.xyz Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

41 %
IPv6

14
Domains

17
Subdomains

17
IPs

6
Countries

979 kB
Transfer

2483 kB
Size

29
Cookies

63 HTTP transactions
1 data transactions