www.vanguardngr.com Open in urlscan Pro
2606:4700:10::ac43:1777 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Submission: On January 04 via api (January 4th 2024, 9:21:01 am UTC) from ZA — Scanned from DE

Summary HTTP 75 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 23 domains to perform 75 HTTP transactions. The main IP is 2606:4700:10::ac43:1777, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vanguardngr.com. The Cisco Umbrella rank of the primary domain is 392476.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 3rd 2023. Valid for: a year.

This is the only time www.vanguardngr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:10:... 2606:4700:10::ac43:1777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	2400:52e0:1e0... 2400:52e0:1e00::1055:1	200325 (BUNNYCDN) (BUNNYCDN)
1	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:fc00:17:1c9a:3a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:3a00:16:ac6e:cbc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:440... 2606:4700:4400::ac40:9754	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.48.30.135 52.48.30.135	16509 (AMAZON-02) (AMAZON-02)
17	2606:4700::68... 2606:4700::6812:71e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.21 65.9.95.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.97.248 65.9.97.248	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
75	30

4 2606:4700:10::ac43:1777 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.vanguardngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:52e0:1e00::1055:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.vanguardngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vanguardngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:fc00:17:1c9a:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

intersc.igaming-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:3a00:16:ac6e:cbc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ip-api-cf.igaming-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
modals.igaming-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9754 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.30.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-30-135.eu-west-1.compute.amazonaws.com

acdc.bettercollective.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:71e9 (United States)

ASN13335 (CLOUDFLARENET, US)

cov.gmlinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-21.prg50.r.cloudfront.net

dd.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-248.prg50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gmlinteractive.com cov.gmlinteractive.com — Cisco Umbrella Rank: 107221	493 KB
10	vanguardngr.com 1 redirects www.vanguardngr.com — Cisco Umbrella Rank: 392476 cdn.vanguardngr.com — Cisco Umbrella Rank: 423131 assets.vanguardngr.com — Cisco Umbrella Rank: 534230	446 KB
6	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1096 tr6.snapchat.com — Cisco Umbrella Rank: 1403	999 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	384 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	120 KB
4	betano.de 1 redirects www.betano.de — Cisco Umbrella Rank: 552454 dd.betano.de — Cisco Umbrella Rank: 629768	35 KB
4	gstatic.com fonts.gstatic.com	169 KB
3	igaming-service.io intersc.igaming-service.io — Cisco Umbrella Rank: 160034 ip-api-cf.igaming-service.io — Cisco Umbrella Rank: 369683 modals.igaming-service.io — Cisco Umbrella Rank: 289545	137 KB
3	wp.com c0.wp.com — Cisco Umbrella Rank: 11055 stats.wp.com — Cisco Umbrella Rank: 3634 pixel.wp.com — Cisco Umbrella Rank: 3321	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	22 KB
2	bettercollective.rocks acdc.bettercollective.rocks — Cisco Umbrella Rank: 265187	422 B
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 39255	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	61 KB
1	mgid.com a.mgid.com — Cisco Umbrella Rank: 11503	5 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 692	13 KB
1	adform.net s2.adform.net — Cisco Umbrella Rank: 7751	31 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1399	18 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	6 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 3722	51 KB
75	23

	Domain	Requested by
17	cov.gmlinteractive.com	www.betano.de
5	tr.snapchat.com	sc-static.net www.betano.de
5	www.googletagmanager.com	www.googleoptimize.com www.betano.de www.googletagmanager.com
5	assets.vanguardngr.com	www.vanguardngr.com
4	fonts.gstatic.com	www.vanguardngr.com
4	www.vanguardngr.com	1 redirects www.vanguardngr.com
3	www.betano.de	1 redirects www.vanguardngr.com www.betano.de
3	fundingchoicesmessages.google.com	www.vanguardngr.com
2	connect.facebook.net	www.vanguardngr.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	acdc.bettercollective.rocks	www.vanguardngr.com
2	gml-grp.com	2 redirects
2	www.google.de	www.vanguardngr.com
2	code.jquery.com	www.vanguardngr.com www.betano.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	tr6.snapchat.com	sc-static.net
1	a.mgid.com	www.vanguardngr.com
1	bat.bing.com	www.vanguardngr.com
1	s2.adform.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	dd.betano.de	www.betano.de
1	modals.igaming-service.io
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	lh3.googleusercontent.com	www.vanguardngr.com
1	fonts.googleapis.com
1	ip-api-cf.igaming-service.io	intersc.igaming-service.io
1	intersc.igaming-service.io	www.vanguardngr.com
1	pixel.wp.com	www.vanguardngr.com
1	stats.wp.com	www.vanguardngr.com
1	c0.wp.com	www.vanguardngr.com
1	cdn.vanguardngr.com	www.vanguardngr.com
1	www.googleoptimize.com	www.vanguardngr.com
75	34

This site contains links to these domains. Also see Links.

Domain
allure.vanguardngr.com
digitalpaper.vanguardngr.com
api.whatsapp.com
t.me
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
whatsapp.com
play.google.com
community.vanguardngr.com
gml-grp.com

Subject Issuer	Validity	Valid
vanguardngr.com Cloudflare Inc ECC CA-3	`2023-09-03` - `2024-09-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.vanguardngr.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
assets.vanguardngr.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.igaming-service.io Sectigo RSA Domain Validation Secure Server CA	`2023-07-25` - `2024-08-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
betano.de Cloudflare Inc ECC CA-3	`2023-12-31` - `2024-12-30`	a year	crt.sh
*.bettercollective.rocks Sectigo RSA Domain Validation Secure Server CA	`2023-06-15` - `2024-06-27`	a year	crt.sh
igaming-service.io GTS CA 1P5	`2023-12-15` - `2024-03-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
dd.betano.de R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-13` - `2024-01-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Frame ID: 956EDFB6E096199574FEF3AAB194E4E4
Requests: 30 HTTP requests in this frame

Frame: https://www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 15983A18BDA9FE150ED083481AE09119
Requests: 2 HTTP requests in this frame

Frame: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Frame ID: 70FEA65558E07B4307EB20E65D558436
Requests: 42 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=5001418d-2a28-4b86-80b0-e90a1b3d77b6&u_sclid=865eb2dc-731f-40e5-a20e-0821c5e81605
Frame ID: 66791337C2DE3A6C9F8DDE8D0DFB058C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

High interest rate drives up Mutual Funds investment - Vanguard News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

97 %
HTTPS

76 %
IPv6

23
Domains

34
Subdomains

30
IPs

5
Countries

2109 kB
Transfer

4790 kB
Size

21
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://allure.vanguardngr.com/
Title: Allure

Search URL Search Domain Scan URL

URL: https://digitalpaper.vanguardngr.com/
Title: E-editions

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=High%20interest%20rate%20drives%20up%20Mutual%20Funds%20investment%20https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F&text=High%20interest%20rate%20drives%20up%20Mutual%20Funds%20investment

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=High%20interest%20rate%20drives%20up%20Mutual%20Funds%20investment%20https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F&title=High%20interest%20rate%20drives%20up%20Mutual%20Funds%20investment

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F

Search URL Search Domain Scan URL

URL: https://whatsapp.com/channel/0029Va8dVhD7IUYT3EPOz143

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.vanguardnews.app

Search URL Search Domain Scan URL

URL: https://community.vanguardngr.com/forum
Title: Discussion

Search URL Search Domain Scan URL

URL: https://gml-grp.com/C.ashx?btag=a_31993b_2204c_&affid=6189&siteid=31993&adid=2204&c=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.vanguardngr.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 29

https://gml-grp.com/C.ashx?btag=a_31993b_2204c_&affid=6189&siteid=31993&adid=2204&c= HTTP 302
https://gml-grp.com/C.ashx?btag=a_31993b_2204c_&affid=6189&siteid=31993&adid=2204&c=&AutoR=1 HTTP 302
https://www.betano.de/deals/willkommensbonus-auf-die-hand?btag=a_31993b_2204c_[CustomMergeFields]&siteid=31993 HTTP 302
https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/ 172 KB
41 KB 1712ms
1657ms Document
text/html 2606:4700:10::ac43:1777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1777 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c383d85aa3e57f5480f4c315de5f5c5edde9607f4b41d40e1c2d69cb04b040

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
cf-apo-via: origin,miss
cf-cache-status: MISS
cf-edge-cache: cache,platform=wordpress
cf-ray: 840268869b4665cc-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 09:20:56 GMT
last-modified: Thu, 04 Jan 2024 09:20:56 GMT
link: <https://www.vanguardngr.com/?p=2311213>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-runcache-type: native
x-runcloud-cache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 133 KB
51 KB 96ms
30ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-T7TDZ84

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efdfd7bb27b17b6d53bcbea072e91cdca8eeff2c2f230b6c48f848e4b4df76d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 09:20:56 GMT

GET
H2 200 pub-7532470883667401 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 105ms
52ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-7532470883667401?ers=1

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

214dc5ae4f10b77c588aba0fe32cc921c56ed355bc5f03473f28f4b36eea91bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zPeyN9WkYI7XsixpurhBiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-zPeyN9WkYI7XsixpurhBiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Stock-Market.jpg
cdn.vanguardngr.com/wp-content/uploads/2019/04/ 59 KB
60 KB 93ms
40ms Image
image/webp 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vanguardngr.com/wp-content/uploads/2019/04/Stock-Market.jpg
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: eb79fa2622e0f251c6a5640a8b22a689d80b10ef5fcdf30d553da9394b1bae82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
x-downloadsize: 93426
cdn-edgestorageid: 1055
x-bo-processingtime: 25
cdn-cachedat: 01/03/2024 15:18:12
cdn-pullzone: 329188
content-length: 60722
x-bo-server: ASB-254
last-modified: Wed, 03 Jan 2024 15:18:12 GMT
server: BunnyCDN-DE1-1055
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 76
content-type: image/webp
cdn-cache: HIT
cdn-uid: 3adc0494-f757-4016-a364-013192f97de7
cache-control: public, max-age=31557600
x-bo-compressionratio: 35.01%
cdn-requestid: da2e8d4b9aaac53989420a65707ecc8c
cdn-requestcountrycode: DE
link: <https://www.vanguardngr.com/wp-content/uploads/2019/04/Stock-Market.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/12.9.1/css/ 99 KB
17 KB 69ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.9.1/css/jetpack.css

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 18 Dec 2023 16:25:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 03 Jan 2025 09:20:56 GMT

GET
H2 200 bundle.1696414477301.min.js Show response
assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/scripts/ 7 KB
3 KB 88ms
23ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/scripts/bundle.1696414477301.min.js?ver=6.4.2
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: 58276545299b32401c0caa7e29df3d80b003fa0769ee587c6f2f4cffa91a9877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: br
x-downloadsize: 7419
cdn-edgestorageid: 755
cdn-cachedat: 12/22/2023 06:42:02
cdn-pullzone: 329188
x-bo-server: LA-241
last-modified: Fri, 22 Dec 2023 06:42:02 GMT
server: BunnyCDN-DE1-1055
cdn-requestpullcode: 200
cdn-proxyver: 1.04
vary: Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime: 319
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 3adc0494-f757-4016-a364-013192f97de7
cache-control: public, max-age=31919000
cdn-requestid: 16ebe4442102e8987accb7de1309e029
cdn-requestcountrycode: DE
link: <https://www.vanguardngr.com/wp-content/themes/vanguard/assets/dist/scripts/bundle.1696414477301.min.js?ver=6.4.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 e-202401.js Show response
stats.wp.com/ 7 KB
3 KB 75ms
23ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202401.js
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684460848292.3706
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 30 Dec 2024 06:54:41 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 63ms
21ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3757440
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-etou8220036-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704360057.532915,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 8846

GET
H2 200 style-index.css
assets.vanguardngr.com/wp-content/themes/vanguard/inc/blocks/dist/post-list-ssr/ 12 KB
3 KB 22ms
22ms Stylesheet
text/css 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vanguardngr.com/wp-content/themes/vanguard/inc/blocks/dist/post-list-ssr/style-index.css?ver=1.1.16
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: fd4e0a274b40f7671b4c6e597d650d39a907fa9895205685ccca7c66e29cc2f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: br
x-downloadsize: 12657
cdn-edgestorageid: 1049
x-bo-processingtime: 5
cdn-cachedat: 10/31/2023 18:58:53
cdn-pullzone: 329188
x-bo-server: DE-266
last-modified: Tue, 31 Oct 2023 18:58:53 GMT
server: BunnyCDN-DE1-1055
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime: 0
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3adc0494-f757-4016-a364-013192f97de7
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: c5d46fcac71de665221242364a9675e8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://www.vanguardngr.com/wp-content/themes/vanguard/inc/blocks/dist/post-list-ssr/style-index.css?ver=1.1.16>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 91ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4W4HKCPV04&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-T7TDZ84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a00c25ed74d081b6fe607af87396ece2c614fa9e2a892d82ecd5c22ca7067d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 09:20:56 GMT

GET
H2 200 site-logo.svg
assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/images/ 3 KB
2 KB 22ms
22ms Image
image/svg+xml 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/images/site-logo.svg

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1055 /

Resource Hash

4dbb5f67f411cd66651482b7ce0c8ca3fa8d2189cfe0557b033a3e265addd58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 863
age: 7951
cdn-cachedat: 02/03/2023 06:23:45
cdn-pullzone: 329188
alt-svc: h3=":443", h3-29=":443"
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Feb 2023 03:26:46 GMT
server: BunnyCDN-DE1-1055
cdn-proxyver: 1.03
x-runcache-type: native
etag: W/"63dc7ef6-c6d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 3adc0494-f757-4016-a364-013192f97de7
cache-control: public, max-age=31919000
cdn-requestpullcode: 200
cdn-requestid: abc73618dbf1bfed03ed2511a206dec4
cf-ray: 793914639a843a68-FRA
cdn-requestcountrycode: DE
link: <https://www.vanguardngr.com/wp-content/themes/vanguard/assets/dist/images/site-logo.svg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2bda4d41e0f4f6acca99f15122b632546ee1f49cbb8efbff02aeeed5a89667

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Nunito-VariableFont_wght.ttf
assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/fonts/Nunito/ 269 KB
270 KB 88ms
42ms Font
application/octet-stream 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/fonts/Nunito/Nunito-VariableFont_wght.ttf

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1055 /

Resource Hash

a51464dfe4b8e7a768c8e14bbfdd8dbbd20d403970827a5bfd4eed5ecf79b297

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vanguardngr.com/
Origin: https://www.vanguardngr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

age: 9500
cdn-pullzone: 329188
x-runcache-type: native
cdn-proxyver: 1.03
etag: "63dc7ef6-434bc"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link: <https://www.vanguardngr.com/wp-content/themes/vanguard/assets/dist/fonts/Nunito/Nunito-VariableFont_wght.ttf>; rel="canonical"
date: Thu, 04 Jan 2024 09:20:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1053
cdn-cachedat: 02/03/2023 06:23:45
alt-svc: h3=":443", h3-29=":443"
content-length: 275644
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Feb 2023 03:26:46 GMT
server: BunnyCDN-DE1-1055
cdn-requestpullcode: 200
cdn-uid: 3adc0494-f757-4016-a364-013192f97de7
cdn-requestid: 6c7d0a08182073b58b14bf0e073f00b0
accept-ranges: bytes
cf-ray: 793914658eee9225-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 CARDIF_B.ttf
assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/fonts/cardiff/ 61 KB
62 KB 113ms
67ms Font
application/octet-stream 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vanguardngr.com/wp-content/themes/vanguard/assets/dist/fonts/cardiff/CARDIF_B.ttf

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1055 /

Resource Hash

2d8fca1da64d33e88f60f0af8df7e2575b64c3d948423c2e50cdf51a08b958de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vanguardngr.com/
Origin: https://www.vanguardngr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

age: 10191
cdn-pullzone: 329188
x-runcache-type: native
cdn-proxyver: 1.03
etag: "63dc7ef6-f4f0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
link: <https://www.vanguardngr.com/wp-content/themes/vanguard/assets/dist/fonts/cardiff/CARDIF_B.ttf>; rel="canonical"
date: Thu, 04 Jan 2024 09:20:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
cdn-cachedat: 02/03/2023 06:23:45
alt-svc: h3=":443", h3-29=":443"
content-length: 62704
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Feb 2023 03:26:46 GMT
server: BunnyCDN-DE1-1055
cdn-requestpullcode: 200
cdn-uid: 3adc0494-f757-4016-a364-013192f97de7
cdn-requestid: e68446173b0ff8437824499b48ee941c
accept-ranges: bytes
cf-ray: 79391465893a6969-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 AGSKWxUqWXyNc-tG-orW2SA9ofCV9EgbaOABluXTBTEIfKuGfG4QbkrxrSE8QnHPBhS-Ekh1PAdHnUUW2K-afcYSzTy2aYif7269cxNbRj4G4pDZh3SSNP6ilZzYHLAMuxsfhLF5L7wYDQ== Show response
fundingchoicesmessages.google.com/f/ 376 KB
58 KB 127ms
126ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUqWXyNc-tG-orW2SA9ofCV9EgbaOABluXTBTEIfKuGfG4QbkrxrSE8QnHPBhS-Ekh1PAdHnUUW2K-afcYSzTy2aYif7269cxNbRj4G4pDZh3SSNP6ilZzYHLAMuxsfhLF5L7wYDQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MzYwMDU2LDY1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudmFuZ3VhcmRuZ3IuY29tLzIwMjQvMDEvaGlnaC1pbnRlcmVzdC1yYXRlLWRyaXZlcy11cC1tdXR1YWwtZnVuZHMtaW52ZXN0bWVudC8iLG51bGwsW1s4LCJmWHdkUzhOaUlabyJdLFs5LCJkZSJdLFsxOSwiMSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fXwdS8NiIZo.es5.O/am=wA/d=1/rs=AJlcJMxJ1qMxyso2XHaIgHSZ8zZaGbwJeA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef68731da64ea10d8a2f2c96607200a8cec020f52e25dcb605de0cd83ffe1315

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yN3InJI0nLx7Bnobw9i_YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yN3InJI0nLx7Bnobw9i_YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 36ms
22ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=129338816&post=2311213&tz=1&srv=www.vanguardngr.com&j=1%3A12.9.1&host=www.vanguardngr.com&ref=&fcp=1905&rand=0.5991056612650605
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 09:20:56 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 vanguardngr.com.js Show response
intersc.igaming-service.io/ 66 KB
13 KB 124ms
32ms Script
application/javascript 2600:9000:2127:fc00:17:1c9a:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intersc.igaming-service.io/vanguardngr.com.js?ver=202414
Requested by: Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fc00:17:1c9a:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 846037585cf0f86e5cc4260ec0b1ffffa075bb46a1dfbbcccebb80bc1ad14e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 08:57:35 GMT
content-encoding: br
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 12:28:03 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1433
x-amz-server-side-encryption: AES256
etag: W/"67853ae17ccea397e7f7536cccbcdd8a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4VjJuXa7MDoQ0fG7Buwj6XjZW2JpsOUqyhy_4sA6LGAbc4TjbV-A2Q==

GET
H2

200

main.js Show response
www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 1598
Redirect Chain

https://www.vanguardngr.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

30ms
30ms

Script
application/javascript

2606:4700:10::ac43:1777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Server

2606:4700:10::ac43:1777 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a5b004a0bf793c2acfb3da9cc965ca54c824a3a1be8eb15f0842138d73edae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 840268928d7d65cc-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 04 Jan 2024 09:20:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 840268925d4765cc-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 840268869b4665cc Show response
www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1598 0
339 B 50ms
49ms XHR
text/plain 2606:4700:10::ac43:1777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vanguardngr.com/cdn-cgi/challenge-platform/h/g/jsd/r/840268869b4665cc

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1777 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 840268931ef21e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
ip-api-cf.igaming-service.io/ 200 B
494 B 160ms
57ms XHR
application/json 2600:9000:2127:3a00:16:ac6e:cbc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ip-api-cf.igaming-service.io/
Requested by: Host: intersc.igaming-service.io
URL: https://intersc.igaming-service.io/vanguardngr.com.js?ver=202414
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3a00:16:ac6e:cbc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6378b0a4ebced4981fd4bfb81c0e9cf2411a608e993e4b5b93408c81656ab484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
content-length: 200
x-amz-cf-id: 1nR71Cl_Qpqt6dOBOoCk2G_ahZ5m4CctmtTo-bJZdZJwcnGCOseejw==

GET
H2 200 css
fonts.googleapis.com/ 100 KB
6 KB 149ms
98ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.fXwdS8NiIZo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyLeiSgTNkMLGpl2BnQDlONuavtAQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b065ad9df986f3b2f9ed0672189e01ee198ecba05ada242afa18beba0e2e9d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 09:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 09:20:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jan 2024 09:20:56 GMT

GET
H2 200 jdM9DsHAgtPCA_f1cDrogCY9KDgI0mjJioeBh6uR5c9IG5DW61OmsAS0HwcG_yLyrn5z3j1DvphRz2IF6QIsLqgLkLRFp3_Pr2DG4Re4Hhg-e2fxCbmW=h60
lh3.googleusercontent.com/ 5 KB
6 KB 77ms
21ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jdM9DsHAgtPCA_f1cDrogCY9KDgI0mjJioeBh6uR5c9IG5DW61OmsAS0HwcG_yLyrn5z3j1DvphRz2IF6QIsLqgLkLRFp3_Pr2DG4Re4Hhg-e2fxCbmW=h60

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e7edfd63b3b6d7df3c18a6c43d6b72b1bc02dd5379ba0561802e1db929d8a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 05:29:44 GMT
x-content-type-options: nosniff
age: 13872
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5372
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 05 Jan 2024 05:29:44 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 83ms
33ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vanguardngr.com/
Origin: https://www.vanguardngr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 00:50:19 GMT
x-content-type-options: nosniff
age: 462637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14720
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 00:50:19 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 106ms
56ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vanguardngr.com/
Origin: https://www.vanguardngr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:59:33 GMT
x-content-type-options: nosniff
age: 202883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:59:33 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
15 KB 77ms
27ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vanguardngr.com/
Origin: https://www.vanguardngr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:42:55 GMT
x-content-type-options: nosniff
age: 200281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14544
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 01:42:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 99ms
49ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vanguardngr.com/
Origin: https://www.vanguardngr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:45:58 GMT
x-content-type-options: nosniff
age: 545698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14048
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 01:45:58 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 82ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4W4HKCPV04&gtm=45je3bt0v9103921372&_p=1704360056610&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1728881776.1704360057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704360056&sct=1&seg=0&dl=https%3A%2F%2Fwww.vanguardngr.com%2F2024%2F01%2Fhigh-interest-rate-drives-up-mutual-funds-investment%2F&dt=High%20interest%20rate%20drives%20up%20Mutual%20Funds%20investment%20-%20Vanguard%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2128
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4W4HKCPV04&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 09:20:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vanguardngr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 89ms
30ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4W4HKCPV04&cid=1728881776.1704360057&gtm=45je3bt0v9103921372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4W4HKCPV04&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 09:20:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vanguardngr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXkEsu6Ku7I_9BXgJU_-ssRhM7rkgFzfcmj6YaCvkXYX5AHpWEaJMsJs1lujPh5IbwdNjow0QWq06fnyFX3dOSXS6a4mw8z6rndcAmIwpAF0KoKFDNtQq-wjosqk4LHB4fgLVvgQg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 83ms
37ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkEsu6Ku7I_9BXgJU_-ssRhM7rkgFzfcmj6YaCvkXYX5AHpWEaJMsJs1lujPh5IbwdNjow0QWq06fnyFX3dOSXS6a4mw8z6rndcAmIwpAF0KoKFDNtQq-wjosqk4LHB4fgLVvgQg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2xN9oQ4LS52y_BkE1qyfDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vanguardngr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 09:20:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-2xN9oQ4LS52y_BkE1qyfDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.vanguardngr.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 87ms
35ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4W4HKCPV04&cid=1728881776.1704360057&gtm=45je3bt0v9103921372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1228378282

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 09:20:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

willkommensbonus-auf-die-hand Show response
www.betano.de/deals/ Frame 70FE
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_31993b_2204c_&affid=6189&siteid=31993&adid=2204&c=
https://gml-grp.com/C.ashx?btag=a_31993b_2204c_&affid=6189&siteid=31993&adid=2204&c=&AutoR=1
https://www.betano.de/deals/willkommensbonus-auf-die-hand?btag=a_31993b_2204c_[CustomMergeFields]&siteid=31993
https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

27 KB
5 KB

80ms
79ms

Document
text/html

2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194e897c2b486c2e9ea129496ffff45c0b2dc4921579741532a682fdb0831f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vanguardngr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: EXPIRED
cf-ray: 8402689dbfbb9211-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 09:20:58 GMT
last-modified: Thu, 04 Jan 2024 08:38:32 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-farm: ce3
x-xss-protection: 1; mode=block

Redirect headers

age: 0
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8402689d4f729211-FRA
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 09:20:58 GMT
location: /deals/willkommensbonus-auf-die-hand?siteid=31993
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-cacheable-status: 302
x-content-type-options: nosniff
x-farm: ce3
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK index.php
acdc.bettercollective.rocks/ Frame 0
0 153ms
48ms Preflight
text/html 52.48.30.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://acdc.bettercollective.rocks/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

52.48.30.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-30-135.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey
Access-Control-Request-Method: POST
Origin: https://www.vanguardngr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: apikey
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.vanguardngr.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Jan 2024 09:20:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked

POST
H/1.1 200
OK index.php Show response
acdc.bettercollective.rocks/ 14 B
422 B 48ms
48ms XHR
text/html 52.48.30.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://acdc.bettercollective.rocks/index.php

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

52.48.30.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-30-135.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6041df3e9b345d68be886f995c452395674ea950cd3ca9992c13b64f3aa9cbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.vanguardngr.com/
apikey: #%"TU[XRh+k0<XvOaZsD;JR6?0a/rb=05z#n8quv=,3xY9Tj)BXHA^AfGe6t~8a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Jan 2024 09:20:57 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.vanguardngr.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 Betano-DE-300x250-1.webp
modals.igaming-service.io/wp-content/uploads/2023/10/ 123 KB
124 KB 126ms
43ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://modals.igaming-service.io/wp-content/uploads/2023/10/Betano-DE-300x250-1.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97c9c2eecb1d82f0316da574a44fe8bf1244be109123dc5a718b1d3f36dd6871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vanguardngr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:57 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 07:36:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 363825
etag: "651fb911-1ec2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7baSGsQqzX3jumoKOr%2BPtHZyDYFumjWX4M9xT0hjXhJXf%2FUFqUkgUlQqscltRUd4hFx933V5NQzWGq9OoRrxro%2BFzNJSXrYYadWzE9W29bRhyDkzTLl%2BNvIClf1U%2F3SdnqwjnFUqp%2FzM%2FncAqrWkX0XGLF%2F7wwg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 840268966aff048a-CDG
alt-svc: h3=":443"; ma=86400
content-length: 125998

GET
H2 200 r4JQVZETZTeQtnzawJh5s2Wbw6I.js Show response
www.betano.de/cdn-cgi/apps/head/ Frame 70FE 4 KB
2 KB 38ms
38ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js

Requested by

Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-version-id: 3sraLaHyO3PY1q7UPyU188EJJRO793MA
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DNMFB7SYZWJMKNZ1
age: 187
content-length: 1344
x-amz-id-2: A455cY3iVAwt0Qn3+/D1RcvzUEDQnPDLInJvKpldg1dpkWvsHZrEl1GQGEf68IHq8pnGirnQ5pw=
last-modified: Thu, 21 Dec 2023 12:52:13 GMT
server: cloudflare
etag: "30cf280ac36d10da9b831b91729cc23c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8402689e480a9211-FRA
expires: Fri, 03 Jan 2025 09:20:58 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 70FE 86 KB
30 KB 21ms
21ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9557858
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-etou8220036-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704360059.602424,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 2421

GET
H2 200 d-logo.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 15 KB
16 KB 113ms
58ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/d-logo.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0cd20b27ed737a1b3f0ca8d0a386622383fecd5a041b0711dbfcb12c91ecff51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=22992
x-powered-by: ASP.NET
content-disposition: inline; filename="d-logo.webp"
content-length: 15538
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 08:08:47 GMT
server: cloudflare
etag: "80d1c3c7b42d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 15
accept-ranges: bytes
cf-ray: 8402689e9fb56aeb-FRA

GET
H2 200 d-apple.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 334 B
710 B 91ms
36ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/d-apple.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5fa3b137bd85140217f784aa86692ec8dae35976d82831a2a0b4a50c87702f36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=1617
x-powered-by: ASP.NET
content-disposition: inline; filename="d-apple.webp"
content-length: 334
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 08:10:56 GMT
server: cloudflare
etag: "0a8a7597b42d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689e9fb66aeb-FRA

GET
H2 200 d-android.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 330 B
802 B 68ms
57ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/d-android.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a3777e5c51fc83aabc2e8ae08e10d3a303dbaedf4dd8dde74243e7ddf18d8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 7387
cf-polished: origFmt=png, origSize=1555
x-powered-by: ASP.NET
content-disposition: inline; filename="d-android.webp"
content-length: 330
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 08:11:24 GMT
server: cloudflare
etag: "01e586a7b42d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 15
accept-ranges: bytes
cf-ray: 8402689e9fb96aeb-FRA

GET
H2 200 d-egr.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 2 KB
3 KB 68ms
57ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/d-egr.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 25def15fc9d6df453cd16ce311dec477e82aed796f3734adcd1f8e76426bff2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=5141
x-powered-by: ASP.NET
content-disposition: inline; filename="d-egr.webp"
content-length: 2328
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 08:12:06 GMT
server: cloudflare
etag: "0cf60837b42d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 15
accept-ranges: bytes
cf-ray: 8402689e9fb86aeb-FRA

GET
H2 200 t-logo.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 24 KB
25 KB 67ms
56ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/t-logo.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8e0d9cd8abe5ff0630ae74b90dae6f8cc91130bad4fd0ac582c960db66397ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=36366
x-powered-by: ASP.NET
content-disposition: inline; filename="t-logo.webp"
content-length: 24846
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:04:29 GMT
server: cloudflare
etag: "808cc0d48242d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 15
accept-ranges: bytes
cf-ray: 8402689e9fb76aeb-FRA

GET
H2 200 t-apple.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 492 B
1 KB 69ms
58ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/t-apple.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 11c6ae5ed1b54c8b9ddc084e5d5ec206f7d0fb208a82f397ec36b56fd42a0a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=987
x-powered-by: ASP.NET
content-disposition: inline; filename="t-apple.webp"
content-length: 492
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:05:26 GMT
server: cloudflare
etag: "0fbaf68242d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689e9fba6aeb-FRA

GET
H2 200 t-android.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 484 B
1 KB 68ms
68ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/t-android.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 73bb4d08d915fcac078cd8a8044d601e6b31d331af84e5a7993c93c7dd82c4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=942
x-powered-by: ASP.NET
content-disposition: inline; filename="t-android.webp"
content-length: 484
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:05:55 GMT
server: cloudflare
etag: "801b388342d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 15
accept-ranges: bytes
cf-ray: 8402689ebfd26aeb-FRA

GET
H2 200 t-egr.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 3 KB
4 KB 69ms
68ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/t-egr.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 913cd35450abef2ea03a75d2869bb126230516df32d5b923fee04fbd08f547f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16469
cf-polished: origFmt=png, origSize=7037
x-powered-by: ASP.NET
content-disposition: inline; filename="t-egr.webp"
content-length: 3552
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:07:19 GMT
server: cloudflare
etag: "807d143a8342d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689ebfd36aeb-FRA

GET
H2 200 m-logo.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 13 KB
14 KB 47ms
46ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/m-logo.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a477b2be73feeadd975e2836bc13f7c88c7aae9ffd1161db203c821f404b0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16913
cf-polished: origFmt=png, origSize=18645
x-powered-by: ASP.NET
content-disposition: inline; filename="m-logo.webp"
content-length: 13426
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:49:38 GMT
server: cloudflare
etag: "02571238942d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689eafc96aeb-FRA

GET
H2 200 m-apple.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 366 B
739 B 68ms
68ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/m-apple.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8e4f6b1e542a75501e13350369b1f5d0a622dc97fb7d731e58b029d6b851fc5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 14325
cf-polished: origFmt=png, origSize=713
x-powered-by: ASP.NET
content-disposition: inline; filename="m-apple.webp"
content-length: 366
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:50:18 GMT
server: cloudflare
etag: "0a9483b8942d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 15
accept-ranges: bytes
cf-ray: 8402689ebfd46aeb-FRA

GET
H2 200 m-android.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 352 B
823 B 47ms
47ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/m-android.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b39ea3d8b058605326435d25c0ad14688a574bf3f6f554b63f4641383051ec8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 13774
cf-polished: origFmt=png, origSize=667
x-powered-by: ASP.NET
content-disposition: inline; filename="m-android.webp"
content-length: 352
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:50:43 GMT
server: cloudflare
etag: "805b2f4a8942d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689ebfd56aeb-FRA

GET
H2 200 m-egr.png
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 3 KB
3 KB 63ms
63ms Image
image/webp 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/m-egr.png
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4e72e3a7600401299e661ac2a4b3c1c05ade95de64828990b08d40b214626e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 16469
cf-polished: origFmt=png, origSize=4972
x-powered-by: ASP.NET
content-disposition: inline; filename="m-egr.webp"
content-length: 2718
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:51:21 GMT
server: cloudflare
etag: "80b2d5608942d81:0"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689ebfd66aeb-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 70FE 393 KB
115 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05a9c3ec519e2c58e47eed16d22af4221c3d90e61c004da8e1d63f6a52542779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117106
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jan 2024 09:20:58 GMT

GET
H2 200 tags.js Show response
dd.betano.de/ Frame 70FE 147 KB
27 KB 212ms
33ms Script
text/javascript 65.9.95.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.betano.de/tags.js

Requested by

Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-21.prg50.r.cloudfront.net

Software

Apache /

Resource Hash

c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Thu, 04 Jan 2024 09:16:49 GMT
x-amz-cf-pop: PRG50-C1
age: 697
x-cache: Hit from cloudfront
content-length: 27331
last-modified: Wed, 29 Nov 2023 13:37:06 GMT
server: Apache
etag: "24cd6-60b4aa18fa3ca-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: MlYfPHehl-mYEgab0pj-LipdWDBQcb7ZtzvqzHhtonJpgnnlXhD4ug==
expires: Thu, 04 Jan 2024 10:09:21 GMT

GET
H2 200 m-bg.jpg
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 187 KB
188 KB 40ms
34ms Image
image/jpeg 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/m-bg.jpg
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 06cd80c8e411f5f26fc7acf36ad8df8e2a0cac0e2474b96336263db7a3658db9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
cf-cache-status: HIT
age: 12895
cf-polished: origSize=198369
x-powered-by: ASP.NET
content-length: 191859
cf-bgj: imgq:100,h2pri
last-modified: Mon, 28 Mar 2022 09:49:14 GMT
server: cloudflare
etag: "0923158942d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-farm: 14
accept-ranges: bytes
cf-ray: 8402689e9fb46aeb-FRA

GET
H2 200 GloberHeavyItalic.otf
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 138 KB
61 KB 105ms
60ms Font
font/otf 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/GloberHeavyItalic.otf
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cabc99df81a3870217a6d2182d916a801aaaf60fe268b00c9e5e628178b7e721

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 16:24:50 GMT
server: cloudflare
age: 4867
etag: W/"0f5308db14d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/otf
access-control-allow-origin: *
x-farm: 14
cf-ray: 8402689edd011e58-FRA

GET
H2 200 GloberSemiBold.otf
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 137 KB
59 KB 104ms
59ms Font
font/otf 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/GloberSemiBold.otf
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8d8c99004a081ba64e096b4a5b6ee15a6958f472b5bf67b98a097dbd67f7aff4

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 12:58:02 GMT
server: cloudflare
age: 4374
etag: W/"0a95c4632cbd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/otf
access-control-allow-origin: *
x-farm: 15
cf-ray: 8402689edd031e58-FRA

GET
H2 200 GloberxBold.otf
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 141 KB
61 KB 84ms
39ms Font
font/otf 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/GloberxBold.otf
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 51c7fbacc2e6a5da08e1c1e29d53d4ccc8f5658aa5a82c560954aa925b48118a

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 12:58:01 GMT
server: cloudflare
age: 4374
etag: W/"8012c44532cbd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/otf
access-control-allow-origin: *
x-farm: 15
cf-ray: 8402689edd051e58-FRA

GET
H2 200 GloberBold.otf
cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/ Frame 70FE 134 KB
56 KB 81ms
37ms Font
font/otf 2606:4700::6812:71e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cov.gmlinteractive.com/static-files/CMS-Ability/marketingkaizen/Betano-DE/Sportsbook/Offers/FTA-APR-22/GloberBold.otf
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:71e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d8adb730e724ce1eaa70cb204a1c1019d9574ba094924632b2ce980ab8bda390

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Oct 2021 12:58:06 GMT
server: cloudflare
age: 4867
etag: W/"03bf4832cbd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/otf
access-control-allow-origin: *
x-farm: 15
cf-ray: 8402689edd041e58-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 70FE 277 KB
92 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8698d01b914114d571ba5927b2d85f3521f9817dca89f3660cedc27835a670b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 09:20:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 70FE 262 KB
85 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e31eb46b36ed237d999ca5b3a61c3b87e1f2559b4d2abbe6dba4f8babb5674df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 09:20:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 70FE 52 KB
21 KB 109ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jan 2024 07:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7113
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jan 2024 09:22:25 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 70FE 41 KB
18 KB 175ms
90ms Script
application/javascript 65.9.97.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-97-248.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2a2cd65d5fefa2b8e45e0dcec4b3ce4ef13140ec27d8e2a49c0d38bb1a2a8468

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: gzip
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17628
x-amz-cf-id: nIx9gqM4dPQWR8u0ep5VpuujMXok20s00nwlgiIFhPDsAOaYuruGZg==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 70FE 81 KB
31 KB 153ms
36ms Script
application/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000aa4f78c365c7aee5-00646c8ee1-32957f68-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 70FE 202 KB
54 KB 105ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jan 2024 09:20:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: CfrB/nfmhENaliTkpCzG2WFWobIyQ21j6QZpNCh1YNNfiNELlpbRXATiiNO/MxwJNfsdfU4vglfIDZ2mLUlNnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 70FE 45 KB
13 KB 131ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 04 Jan 2024 09:20:58 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60FABCA71E7A421DB6F6DCEBEF65F867 Ref B: DUS30EDGE0309 Ref C: 2024-01-04T09:20:58Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 70FE 15 KB
5 KB 204ms
120ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1704360058738

Requested by

Host: www.vanguardngr.com
URL: https://www.vanguardngr.com/2024/01/high-interest-rate-drives-up-mutual-funds-investment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: ed560aaf-b1ee-4478-b7ce-54b7fd582311
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8402689faf8a18bf-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 84002ee0-88c3-4040-948b-0d1ae384be94
null/ Frame 70FE 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:null/84002ee0-88c3-4040-948b-0d1ae384be94
Requested by: Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame 70FE 133 KB
35 KB 352ms
351ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.138&r=stable&domain=www.vanguardngr.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dde0b31d408bd1b0551394d5cd58426cd483af5df5b3ee34cd5948cda536ae9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jan 2024 09:20:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3MR1ku6zi0/okMcy4oVKQ6j528cyEoDKYfcrFdm+8y1Uv2jd/1mZOznePJ5Jb6Mo6OgtByKRMgQ6l6WVEdCSSw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 59013e41-1b63-4d8e-a887-ea6d3795d988.js Show response
tr.snapchat.com/config/de/ Frame 70FE 177 B
403 B 129ms
34ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.7.5-2401032347

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: null
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 6679 0
53 B 131ms
37ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=5001418d-2a28-4b86-80b0-e90a1b3d77b6&u_sclid=865eb2dc-731f-40e5-a20e-0821c5e81605

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 04 Jan 2024 09:20:59 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ Frame 70FE 68 B
443 B 129ms
35ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_sclid=865eb2dc-731f-40e5-a20e-0821c5e81605&u_scsid=5001418d-2a28-4b86-80b0-e90a1b3d77b6&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=1401&m_ic=true&m_pi=1397&m_pl=0&m_pv=2&m_rd=1678&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.vanguardngr.com%2F&rf=https%3A%2F%2Fwww.vanguardngr.com%2F&trackId=7fdd8afe-2557-4fc9-8777-0fc6fd819598&ts=1704360058925&v=3.7.5-2401032347

Requested by

Host: www.betano.de
URL: https://www.betano.de/deals/willkommensbonus-auf-die-hand?siteid=31993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H2 200 p
tr.snapchat.com/ Frame 70FE 0
45 B 40ms
39ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 09:20:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 a
www.googletagmanager.com/ Frame 70FE 0
11 B 30ms
30ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=690277669&rv=3bt0&u=AAAAAAAIAAAAAAAAAAAAEA&h=Ag&gtm=45je3bt0v879569639&ccid=79569639&cid=G-W0C280Z7PP&l=G-W0C280Z7PP.L1390.S11.B8.E425.I1397.EC6.TC21.HTC0~gtm.init.S0.V0.E10.TS5ogtreferralexclusion.TI112.TE0.TS5ogtcrossdomain.TI114.TE0.TS5ogt1pdatav2.TI115.TE0.TS5ccdgalast.TI116.TE0.TS5ccdautoredact.TI117.TE0.TS5ogteventcreate.TI118.TE0.TS5ogteventcreate.TI119.TE0.TS5ogteventcreate.TI120.TE0.TS5ogteventcreate.TI121.TE0.TS5ogteventcreate.TI122.TE0.TS5ccdconversionmarking.TI123.TE0.TS5ccdemsitesearch.TI124.TE0.TS5ccdemscroll.TI125.TE0.TS5ccdempageview.TI126.TE0.TS5ccdemoutboundclick.TI127.TE0.TS5ccdemdownload.TI128.TE0.TS5ccdgaregscope.TI129.TE0.TS5ogtgooglesignals.TI130.TE0.TS5setproductsettings.TI131.TE0.TS5ccdgafirst.TI132.TE0~gtm.js.S0.V0.E4.TS5gct.TI109.TE0~*.S0.V0.E2~gtm.dom.S0.V0.E2~gtm.load.S0.V0.E0~gtm.init_consent.S0.V0.E9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:20:59 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 p
tr6.snapchat.com/ Frame 70FE 0
42 B 52ms
33ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 09:20:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 70FE 3 KB
2 KB 116ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1704360058732&cv=11&fst=1704360058732&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.betano.de%2Fdeals%2Fwillkommensbonus-auf-die-hand%3Fsiteid%3D31993&ref=https%3A%2F%2Fwww.vanguardngr.com%2F&top=https%3A%2F%2Fwww.vanguardngr.com%2F&hn=www.googleadservices.com&frm=2&tiba=20%E2%82%AC%20Freiwette%20f%C3%BCr%20Neukunden%20%7C%20Betano%20Sportwetten&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

167283cdfe79ee4dd3961de30d5c2d13365dc0e9762640409fad57062ce163fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 09:20:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 70FE 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 08:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 09:41:47 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame 70FE 42 B
455 B 86ms
34ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1704360058732&cv=11&fst=1704358800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.betano.de%2Fdeals%2Fwillkommensbonus-auf-die-hand%3Fsiteid%3D31993&ref=https%3A%2F%2Fwww.vanguardngr.com%2F&frm=2&tiba=20%E2%82%AC%20Freiwette%20f%C3%BCr%20Neukunden%20%7C%20Betano%20Sportwetten&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Znk3V7rosYWokFNpa17hLlza3_IqDQ&random=2088419464&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 09:20:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame 70FE 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1704360058732&cv=11&fst=1704358800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.betano.de%2Fdeals%2Fwillkommensbonus-auf-die-hand%3Fsiteid%3D31993&ref=https%3A%2F%2Fwww.vanguardngr.com%2F&frm=2&tiba=20%E2%82%AC%20Freiwette%20f%C3%BCr%20Neukunden%20%7C%20Betano%20Sportwetten&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Znk3V7rosYWokFNpa17hLlza3_IqDQ&random=2088419464&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 09:20:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ Frame 70FE 0
13 B 35ms
35ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 09:20:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:27:26	Name: X-AB Value: b46f0e27cf754d26a3e5e972d945d42c
.vanguardngr.com/	1970-01-20 17:26:01	Name: __cf_bm Value: gpKdmbYnZUFmZip9.yhti0W4CqfpZ15obg7gN7lcNuY-1704360056-1-AUaTpm0k+PUIuwYJAUXnR38hMjjjmE/Y6IhPOzO6tvrpd1GNikZLDNlOrnC/Bw1peaBZPJhxCHXu05hehc40xFE=
.vanguardngr.com/	1970-01-21 02:11:36	Name: cf_clearance Value: b2drdu5p5pBmYNorNVaR99385hIo9d9YuCfhNxvHjjg-1704360056-0-2-a6e6a28b.61c27301.b1569a1e-0.2.1704360056
.vanguardngr.com/	1970-01-21 03:02:00	Name: _ga_4W4HKCPV04 Value: GS1.1.1704360056.1.0.1704360056.60.0.0
.vanguardngr.com/	1970-01-21 03:02:00	Name: _ga Value: GA1.1.1728881776.1704360057
www.vanguardngr.com/	1970-01-21 02:13:02	Name: _ia_loc_c Value: DE
www.vanguardngr.com/	1970-01-21 02:13:02	Name: _ia_loc_r Value:
gml-grp.com/	1970-01-21 03:02:00	Name: CEK Value: a
.gml-grp.com/	1970-01-20 17:26:01	Name: __cf_bm Value: dwVoKLwfqP4RO5Y_e4yOHDYRmI5Zb8Gzd.lmDUtaV00-1704360057-1-AczW6FeWk42epRNXC8qvlCbDUHCMSmC9XPFdtPhDqrrJ1n3nsCGBTX/RlxQgAMTOAM09AhJ5Ugwl7qZYib4gTeY=
.gml-grp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: WSRRyGRHZCqr.b1ig00BFvkyNqzQeilMwl8va_hdxKc-1704360057905-0-604800000
gml-grp.com/	1970-01-20 19:35:36	Name: XYZ Value: 120&0&148&&&&0&1&&b2a8df07-0587-435d-b7a6-4e978f6a2dd1&&a_31993b_2204&
gml-grp.com/	1970-01-20 19:35:36	Name: A_2204 Value: a=2204&r=0&fv=0&lv=0&vc=0&fc=20240104&lc=20240104092058&cc=1
gml-grp.com/	1970-01-20 19:35:36	Name: PM_11 Value: id=1c77378a-ac55-4c00-812f-539a0603277a&c=&s=31993&ad=2204&md=0&pm=11&d=20240104092058&ip=0&r=0&ref=https%3A%2F%2Fwww.vanguardngr.com%2F&RedirectParams=btag%3Da_31993b_2204c_%5BCustomMergeFields%5D%26siteid%3D31993&cip=MjAwMToxYjYwOjEwMTA6MzoxMDExOjUzYWI6ZjU0ZTpkMWE1
.betano.de/	1970-01-20 18:09:12	Name: btag Value: a_31993b_2204c_
.betano.de/	1970-01-20 17:26:01	Name: __cf_bm Value: V7IjQ3TcpYUiMtQMz4Dyi99vtmY.2Rz43_I8IZqtxYk-1704360058-1-AX2ch7B+NDcytglsm6gzQkwpbng5Onl0Bmcw/sg1Vk74oTrgO5JGlrdI8Ge6fouHRCclz0ZxEH0dbNc8IAU7wQY=
.betano.de/	1969-12-31 23:59:59	Name: _cfuvid Value: DAgZ6KnRGn.Ap6xbG5cKPD6UAwrko541a9qXuNQ_iAU-1704360058496-0-604800000
.gmlinteractive.com/	1970-01-20 17:26:01	Name: __cf_bm Value: rsyVcPWOvx9ZnF06gVjAc8e8xqrgK4OqbQYeCoEURs0-1704360058-1-AULyR0OzBSYeihWzdpz28ZcZhNJNZ4e+8UJI/unZ/91qZ84D7HmQVpiGYqHiU+QBVNBNQEEPQwERWGWMdRRjje4=
.gmlinteractive.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ZFW68O_3t7N2pd66ErUzJ_8boA0oQKAGGLWWL9CgKt4-1704360058698-0-604800000
.mgid.com/	1970-01-20 17:26:01	Name: __cf_bm Value: UGWS3E2AJoWxeEh8OmndiOshATc9URuN4gONy8Jcd5U-1704360058-1-AXVT70yh4HFby2A8SZABQMJKg1bNLni4hgLmnKGziCutbnaIN+4mEkGO6gWncb7jbHe79Ij5p7h09GfxcAfyums=
.snapchat.com/	1970-01-21 02:47:36	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIpiLiOSjzCo633aMjb5rw0EUxm4QnRZ3xmIx7oqot6DBg7sIHWA+0BjIAAAA=
.doubleclick.net/	1970-01-20 17:26:00	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/234568464078651?v=2.9.138&r=stable&domain=www.vanguardngr.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
acdc.bettercollective.rocks
assets.vanguardngr.com
bat.bing.com
c0.wp.com
cdn.vanguardngr.com
code.jquery.com
connect.facebook.net
cov.gmlinteractive.com
dd.betano.de
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gml-grp.com
googleads.g.doubleclick.net
intersc.igaming-service.io
ip-api-cf.igaming-service.io
lh3.googleusercontent.com
modals.igaming-service.io
pixel.wp.com
region1.analytics.google.com
s2.adform.net
sc-static.net
stats.g.doubleclick.net
stats.wp.com
tr.snapchat.com
tr6.snapchat.com
www.betano.de
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.vanguardngr.com
192.0.76.3
192.0.77.37
2001:4860:4802:32::36
2400:52e0:1e00::1055:1
2600:9000:2127:3a00:16:ac6e:cbc0:93a1
2600:9000:2127:fc00:17:1c9a:3a40:93a1
2606:4700:10::ac43:1777
2606:4700:1::6813:814c
2606:4700:4400::ac40:9754
2606:4700::6812:71e9
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9b
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:200::649
2a06:98c1:3121::3
35.190.43.134
37.157.5.71
52.48.30.135
65.9.95.21
65.9.97.248
05a9c3ec519e2c58e47eed16d22af4221c3d90e61c004da8e1d63f6a52542779
06cd80c8e411f5f26fc7acf36ad8df8e2a0cac0e2474b96336263db7a3658db9
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0cd20b27ed737a1b3f0ca8d0a386622383fecd5a041b0711dbfcb12c91ecff51
11c6ae5ed1b54c8b9ddc084e5d5ec206f7d0fb208a82f397ec36b56fd42a0a4f
167283cdfe79ee4dd3961de30d5c2d13365dc0e9762640409fad57062ce163fc
194e897c2b486c2e9ea129496ffff45c0b2dc4921579741532a682fdb0831f7a
214dc5ae4f10b77c588aba0fe32cc921c56ed355bc5f03473f28f4b36eea91bf
25def15fc9d6df453cd16ce311dec477e82aed796f3734adcd1f8e76426bff2f
2a2cd65d5fefa2b8e45e0dcec4b3ce4ef13140ec27d8e2a49c0d38bb1a2a8468
2a5b004a0bf793c2acfb3da9cc965ca54c824a3a1be8eb15f0842138d73edae3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d8fca1da64d33e88f60f0af8df7e2575b64c3d948423c2e50cdf51a08b958de
2dde0b31d408bd1b0551394d5cd58426cd483af5df5b3ee34cd5948cda536ae9
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e7edfd63b3b6d7df3c18a6c43d6b72b1bc02dd5379ba0561802e1db929d8a1d
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
4dbb5f67f411cd66651482b7ce0c8ca3fa8d2189cfe0557b033a3e265addd58b
4e72e3a7600401299e661ac2a4b3c1c05ade95de64828990b08d40b214626e1e
51c7fbacc2e6a5da08e1c1e29d53d4ccc8f5658aa5a82c560954aa925b48118a
58276545299b32401c0caa7e29df3d80b003fa0769ee587c6f2f4cffa91a9877
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa3b137bd85140217f784aa86692ec8dae35976d82831a2a0b4a50c87702f36
6041df3e9b345d68be886f995c452395674ea950cd3ca9992c13b64f3aa9cbd0
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6378b0a4ebced4981fd4bfb81c0e9cf2411a608e993e4b5b93408c81656ab484
6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1
6a3777e5c51fc83aabc2e8ae08e10d3a303dbaedf4dd8dde74243e7ddf18d8f0
73bb4d08d915fcac078cd8a8044d601e6b31d331af84e5a7993c93c7dd82c4b1
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
7a477b2be73feeadd975e2836bc13f7c88c7aae9ffd1161db203c821f404b0f1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
846037585cf0f86e5cc4260ec0b1ffffa075bb46a1dfbbcccebb80bc1ad14e93
8d8c99004a081ba64e096b4a5b6ee15a6958f472b5bf67b98a097dbd67f7aff4
8e0d9cd8abe5ff0630ae74b90dae6f8cc91130bad4fd0ac582c960db66397ff0
8e4f6b1e542a75501e13350369b1f5d0a622dc97fb7d731e58b029d6b851fc5b
913cd35450abef2ea03a75d2869bb126230516df32d5b923fee04fbd08f547f7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97c9c2eecb1d82f0316da574a44fe8bf1244be109123dc5a718b1d3f36dd6871
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
a00c25ed74d081b6fe607af87396ece2c614fa9e2a892d82ecd5c22ca7067d79
a3c383d85aa3e57f5480f4c315de5f5c5edde9607f4b41d40e1c2d69cb04b040
a51464dfe4b8e7a768c8e14bbfdd8dbbd20d403970827a5bfd4eed5ecf79b297
ae2bda4d41e0f4f6acca99f15122b632546ee1f49cbb8efbff02aeeed5a89667
b065ad9df986f3b2f9ed0672189e01ee198ecba05ada242afa18beba0e2e9d03
b39ea3d8b058605326435d25c0ad14688a574bf3f6f554b63f4641383051ec8f
b8698d01b914114d571ba5927b2d85f3521f9817dca89f3660cedc27835a670b
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cabc99df81a3870217a6d2182d916a801aaaf60fe268b00c9e5e628178b7e721
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
d8adb730e724ce1eaa70cb204a1c1019d9574ba094924632b2ce980ab8bda390
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e31eb46b36ed237d999ca5b3a61c3b87e1f2559b4d2abbe6dba4f8babb5674df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb79fa2622e0f251c6a5640a8b22a689d80b10ef5fcdf30d553da9394b1bae82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68731da64ea10d8a2f2c96607200a8cec020f52e25dcb605de0cd83ffe1315
efdfd7bb27b17b6d53bcbea072e91cdca8eeff2c2f230b6c48f848e4b4df76d2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
fd4e0a274b40f7671b4c6e597d650d39a907fa9895205685ccca7c66e29cc2f0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.vanguardngr.com Open in urlscan Pro 2606:4700:10::ac43:1777 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

76 %IPv6

23 Domains

34 Subdomains

30 IPs

5 Countries

2109 kBTransfer

4790 kBSize

21 Cookies

12 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vanguardngr.com Open in urlscan Pro
2606:4700:10::ac43:1777 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

76 %
IPv6

23
Domains

34
Subdomains

30
IPs

5
Countries

2109 kB
Transfer

4790 kB
Size

21
Cookies

75 HTTP transactions
1 data transactions