account.efortuna.pl Open in urlscan Pro
2.16.186.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zaoda.xyz/
Effective URL:
https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=ban...
Submission Tags: falconsandbox
Submission: On August 23 via api (August 23rd 2021, 2:42:40 pm UTC) from US

Summary HTTP 98 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 9 countries across 26 domains to perform 98 HTTP transactions. The main IP is 2.16.186.121, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is account.efortuna.pl.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 18th 2020. Valid for: a year.

This is the only time account.efortuna.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	2a03:b0c0:2:d... 2a03:b0c0:2:d0::d9b:b	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:b0c0:2:f... 2a03:b0c0:2:f0::3d:8001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2a02:598:2::39 2a02:598:2::39	43037 (SEZNAM-) (SEZNAM-)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	77.78.104.3 77.78.104.3	15685 (CASABLANC...) (CASABLANCA-AS Internet & Collocation Provider)
1 1	34.254.102.144 34.254.102.144	16509 (AMAZON-02) (AMAZON-02)
7	2.16.186.121 2.16.186.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.58.60.200 52.58.60.200	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:20e... 2600:9000:20eb:ea00:1c:faf:c240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.70.80.118 104.70.80.118	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:f800:7:cc3d:2400:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	23.37.44.220 23.37.44.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1 8	195.177.217.192 195.177.217.192	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	18.157.140.191 18.157.140.191	16509 (AMAZON-02) (AMAZON-02)
2	75.2.119.157 75.2.119.157	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	185.11.128.205 185.11.128.205	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
1	34.249.73.169 34.249.73.169	16509 (AMAZON-02) (AMAZON-02)
98	31

26 2a03:b0c0:2:d0::d9b:b (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

zaoda.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zaoda.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:2:f0::3d:8001 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

088.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:598:2::39 (Czech Republic) 1 redirects

ASN43037 (SEZNAM-, CZ)

search.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.78.104.3 (Czech Republic) 1 redirects

ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ)

profi-zaklady.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.102.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-102-144.eu-west-1.compute.amazonaws.com

online.efortuna.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-121.deploy.static.akamaitechnologies.com

account.efortuna.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.60.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-60-200.eu-central-1.compute.amazonaws.com

tools.feg.technology	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20eb:ea00:1c:faf:c240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-eu.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.80.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-80-118.deploy.static.akamaitechnologies.com

cdn.safecharge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:f800:7:cc3d:2400:93a1 (United States)

ASN16509 (AMAZON-02, US)

st-eu.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

9476762.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.44.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-220.deploy.static.akamaitechnologies.com

zz.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 195.177.217.192 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-195-177-217-192.dataspace.pl

t.goadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.goadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.157.140.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com

async-px-eu.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.119.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1ef697b048852c56.awsglobalaccelerator.com

csr.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.11.128.205 (Poland) 2 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)

cmpl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.73.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-73-169.eu-west-1.compute.amazonaws.com

src.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	zaoda.xyz 1 redirects zaoda.xyz www.zaoda.xyz	712 KB
12	dynamicyield.com cdn-eu.dynamicyield.com st-eu.dynamicyield.com async-px-eu.dynamicyield.com	152 KB
8	goadservices.com 1 redirects t.goadservices.com m.goadservices.com	33 KB
8	efortuna.pl 1 redirects online.efortuna.pl account.efortuna.pl	902 KB
6	gstatic.com fonts.gstatic.com	81 KB
5	google-analytics.com www.google-analytics.com	61 KB
5	doubleclick.net 2 redirects 9476762.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
4	crazyegg.com script.crazyegg.com	26 KB
4	connextra.com zz.connextra.com	32 KB
3	facebook.com www.facebook.com	264 B
2	gemius.pl 2 redirects cmpl.hit.gemius.pl	646 B
2	onet.pl csr.onet.pl	837 B
2	google.com www.google.com adservice.google.com	170 B
2	facebook.net connect.facebook.net	97 KB
2	seznam.cz 1 redirects search.seznam.cz	217 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	webpu.sh src.webpu.sh	36 KB
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	adform.net cm.adform.net	162 B
1	google.de www.google.de	63 B
1	googletagmanager.com www.googletagmanager.com	81 KB
1	safecharge.com cdn.safecharge.com	2 KB
1	feg.technology tools.feg.technology	3 KB
1	profi-zaklady.pl 1 redirects profi-zaklady.pl	270 B
1	088.cz 088.cz	377 B
98	26

	Domain	Requested by
25	www.zaoda.xyz	www.zaoda.xyz
7	account.efortuna.pl	www.zaoda.xyz account.efortuna.pl
6	async-px-eu.dynamicyield.com	cdn-eu.dynamicyield.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com account.efortuna.pl
5	cdn-eu.dynamicyield.com	account.efortuna.pl st-eu.dynamicyield.com cdn-eu.dynamicyield.com
4	m.goadservices.com	1 redirects t.goadservices.com m.goadservices.com
4	script.crazyegg.com	www.zaoda.xyz script.crazyegg.com
4	t.goadservices.com	www.zaoda.xyz t.goadservices.com
4	zz.connextra.com	www.googletagmanager.com zz.connextra.com
4	fonts.googleapis.com	www.zaoda.xyz account.efortuna.pl
3	www.facebook.com	account.efortuna.pl
3	9476762.fls.doubleclick.net	1 redirects www.googletagmanager.com account.efortuna.pl
2	cmpl.hit.gemius.pl	2 redirects
2	csr.onet.pl	account.efortuna.pl
2	connect.facebook.net	www.zaoda.xyz connect.facebook.net
2	search.seznam.cz	1 redirects www.zaoda.xyz
2	maxcdn.bootstrapcdn.com	www.zaoda.xyz maxcdn.bootstrapcdn.com
1	src.webpu.sh	www.googletagmanager.com
1	cm.g.doubleclick.net	1 redirects
1	rtb-csync.smartadserver.com	account.efortuna.pl
1	cm.adform.net	account.efortuna.pl
1	adservice.google.com	9476762.fls.doubleclick.net
1	www.google.de	account.efortuna.pl
1	www.google.com	account.efortuna.pl
1	stats.g.doubleclick.net	www.google-analytics.com
1	st-eu.dynamicyield.com	www.zaoda.xyz
1	www.googletagmanager.com	account.efortuna.pl
1	cdn.safecharge.com	account.efortuna.pl
1	tools.feg.technology	account.efortuna.pl
1	online.efortuna.pl	1 redirects
1	profi-zaklady.pl	1 redirects
1	088.cz	www.zaoda.xyz
1	ajax.googleapis.com	www.zaoda.xyz
1	zaoda.xyz	1 redirects
98	35

This site contains no links.

Subject Issuer	Validity	Valid
zaoda.xyz R3	`2021-07-29` - `2021-10-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
088.cz R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
search.seznam.cz R3	`2021-07-08` - `2021-10-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.efortuna.pl DigiCert SHA2 Secure Server CA	`2020-12-18` - `2021-12-22`	a year	crt.sh
feg.technology Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.dynamicyield.com Amazon	`2020-10-11` - `2021-11-12`	a year	crt.sh
*.safecharge.com DigiCert Secure Site ECC CA-1	`2020-07-16` - `2021-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.connextra.com DigiCert SHA2 Secure Server CA	`2021-07-04` - `2022-07-13`	a year	crt.sh
*.goadservices.com DOMENY SSL DV Certification Authority	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.onet.pl GeoTrust RSA CA 2018	`2021-05-24` - `2022-06-01`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
webpu.sh R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Frame ID: 642AF6EE8B91E9F6AFA4C6B113C95641
Requests: 94 HTTP requests in this frame

Frame: https://9476762.fls.doubleclick.net/activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate
Frame ID: F56BE8B22BCDAC1119C3FA6237C6F20B
Requests: 2 HTTP requests in this frame

Frame: https://m.goadservices.com/other/?id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
Frame ID: F10DF32D946E5147BEBF1EAB6179811A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eFortuna

Page URL History Show full URLs

http://zaoda.xyz/ HTTP 301
https://www.zaoda.xyz/ Page URL
http://profi-zaklady.pl/ HTTP 301
https://online.efortuna.pl/page?key=ej0xNDg4NjU4MCZsPTEzNTMwMTk4JnA9NTgzNA%3D%3D&var1=plgen HTTP 301
https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affi... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

98
Requests

100 %
HTTPS

56 %
IPv6

26
Domains

35
Subdomains

31
IPs

9
Countries

2336 kB
Transfer

7231 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zaoda.xyz/ HTTP 301
https://www.zaoda.xyz/ Page URL
http://profi-zaklady.pl/ HTTP 301
https://online.efortuna.pl/page?key=ej0xNDg4NjU4MCZsPTEzNTMwMTk4JnA9NTgzNA%3D%3D&var1=plgen HTTP 301
https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zaoda.xyz/ HTTP 301
https://www.zaoda.xyz/

Request Chain 14

https://search.seznam.cz/pridej-stranku?url=http%3A%2F%2Fyourbestlines.xyz/wyniki-badan-krwi-pdw-norma/ HTTP 301
https://search.seznam.cz/wt/pridej-stranku?url=http%3A%2F%2Fyourbestlines.xyz/wyniki-badan-krwi-pdw-norma/

Request Chain 49

https://9476762.fls.doubleclick.net/activityi;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate HTTP 302
https://9476762.fls.doubleclick.net/activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate

Request Chain 87

https://m.goadservices.com/match/adformssp?sync=1 HTTP 302
https://cm.adform.net/pixel?adform_pid=13&adform_v=1&adform_pc=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=gopl_sp_z_oo&google_cm&google_sc&id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&google_hm=MjkwNDYwNTAyNQ&google_ula=730944920 HTTP 302
https://m.goadservices.com/match/doubleclick_new?id=[GOADSERVICES-ID]&google_gid=[GOOGLE_ID]&id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&google_gid=CAESEOtFrkZnjaVmpW4PtP51izU&google_cver=1&google_ula=730944920,0

Request Chain 90

https://cmpl.hit.gemius.pl/externalrehitredir?rid=qleoqqmfjy/id=d6ZK6Adicw7Az192pyAWOLbtnKPYsTAZpQ_fFEbGPfz.m7/extra=userid%3D3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ HTTP 301
https://cmpl.hit.gemius.pl/__/externalrehitredir?rid=qleoqqmfjy/id=d6ZK6Adicw7Az192pyAWOLbtnKPYsTAZpQ_fFEbGPfz.m7/extra=userid%3D3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ HTTP 301
https://m.goadservices.com/match/adocean?pid=sWV3IX8Od9HiKUabpmoUpr4thdEN.anWNZuJlvkI.D..Y7

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.zaoda.xyz/
Redirect Chain

http://zaoda.xyz/
https://www.zaoda.xyz/

12 KB
4 KB

103ms
40ms

Document
text/html

2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 00a6d03a0057e58bb3459c0630e67fbc81abd7bea1395319f45702889e794a2f

Request headers

:method: GET
:authority: www.zaoda.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Mon, 23 Aug 2021 14:42:22 GMT
content-type: text/html; charset=UTF-8
content-length: 3848
set-cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-upstream-backend: multihosting-w002
x-proxy-cache: MISS
referrer-policy: no-referrer
x-upstream-status: 200

Redirect headers

Server: nginx
Date: Mon, 23 Aug 2021 14:42:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.zaoda.xyz/

GET
H2 200 jquery-1.11.1.js Show response
www.zaoda.xyz/ 326 B
516 B 114ms
112ms Script
text/html 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/jquery-1.11.1.js
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cc1261c92957280e0a27302748ae23b13775a1e2bdc9791ed1657414eb0557b

Request headers

:path: /jquery-1.11.1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-upstream-backend: multihosting-w001
content-length: 259
x-upstream-status: 200
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 1622376
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 68351b69780c0610-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
www.zaoda.xyz/css/ 152 KB
23 KB 36ms
35ms Stylesheet
text/css 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/css/bootstrap.min.css
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c2f351631f19a94a51c59c1d56abf5f8c29e4254bb15c2cb31d9c406cde48b11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:44:07 GMT
server: nginx
etag: "61029487-5c0a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800 no-cache, private, max-age=1800, must-revalidate
content-length: 23562
expires: Mon, 23 Aug 2021 15:12:22 GMT

GET
H2 200 styles.css
www.zaoda.xyz/css/ 34 KB
5 KB 37ms
36ms Stylesheet
text/css 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/css/styles.css
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: eb91e3ecbbd7c6226fd0a0008d65128c024cc78cde8f673bde043c065b67d0b1

Request headers

:path: /css/styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:44:07 GMT
server: nginx
etag: "61029487-11fe"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800 no-cache, private, max-age=1800, must-revalidate
content-length: 4606
expires: Mon, 23 Aug 2021 15:12:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
788 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Requested by

Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26854e541566fb3e18e3504dce82d8163883080664c142ddc15a7cb5a4cf3217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 14:33:44 GMT
server: ESF
date: Mon, 23 Aug 2021 14:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Aug 2021 14:42:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 13:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 13:13:10 GMT

GET
H2 200 registration4.png
www.zaoda.xyz/img/ 3 KB
3 KB 19ms
18ms Image
image/png 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/registration4.png
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 00a31392c8bea26433ddad21bb66d9d53c4ab49688cc5cdebacd11a4845cc5f7

Request headers

:path: /img/registration4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:17:54 GMT
server: nginx
etag: "61028e62-b5b"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800 public, max-age=604800s
content-length: 2907
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 bonus3.png
www.zaoda.xyz/img/ 4 KB
4 KB 20ms
18ms Image
image/png 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/bonus3.png
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e8f522bde0a7f0729185f2924a4e27a776822263821539711df1b04345acd457

Request headers

:path: /img/bonus3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:17:54 GMT
server: nginx
etag: "61028e62-e17"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800 public, max-age=604800s
content-length: 3607
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 play4.png
www.zaoda.xyz/img/ 4 KB
4 KB 21ms
19ms Image
image/png 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/play4.png
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 97beecad3fbb39423459f74b5f6f85798cd142a5d00e533f34d27dae512183c2

Request headers

:path: /img/play4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:17:54 GMT
server: nginx
etag: "61028e62-f67"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800 public, max-age=604800s
content-length: 3943
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 font-awesome.min.css
www.zaoda.xyz/css/ 26 KB
6 KB 19ms
19ms Stylesheet
text/css 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/css/font-awesome.min.css
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

:path: /css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:44:07 GMT
server: nginx
etag: "61029487-1814"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800 no-cache, private, max-age=1800, must-revalidate
content-length: 6164
expires: Mon, 23 Aug 2021 15:12:22 GMT

GET
H2 200 bootstrap.min.js Show response
www.zaoda.xyz/js/ 57 KB
15 KB 19ms
19ms Script
application/javascript 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/js/bootstrap.min.js
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:32:28 GMT
server: nginx
etag: "610291cc-3cf0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800 no-cache, private, max-age=1800, must-revalidate
content-length: 15600
expires: Mon, 23 Aug 2021 15:12:22 GMT

GET
H2 200 scripts.min.js Show response
www.zaoda.xyz/js/ 599 B
646 B 18ms
18ms Script
application/javascript 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/js/scripts.min.js
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 27a574836b94967fbae80535e2cbe54e28788e2b7ff96a0d0f3b5817b1437980

Request headers

:path: /js/scripts.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:32:27 GMT
server: nginx
etag: "610291cb-187"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800 no-cache, private, max-age=1800, must-revalidate
content-length: 391
expires: Mon, 23 Aug 2021 15:12:22 GMT

GET
H/1.1 200
OK red.php Show response
088.cz/_analytics/ 77 B
377 B 71ms
21ms Script
text/html 2a03:b0c0:2:f0::3d:8001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://088.cz/_analytics/red.php?&a=b072ddca21&b=zaoda.xyz&d=246&f=25
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:f0::3d:8001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 299ddb1a669d6ad2e8ea681d7f698e008e72fc178620af3ca726768a28d67a0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 23 Aug 2021 14:42:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pridej-stranku
search.seznam.cz/wt/
Redirect Chain

https://search.seznam.cz/pridej-stranku?url=http%3A%2F%2Fyourbestlines.xyz/wyniki-badan-krwi-pdw-norma/
https://search.seznam.cz/wt/pridej-stranku?url=http%3A%2F%2Fyourbestlines.xyz/wyniki-badan-krwi-pdw-norma/

0
0

372ms
372ms

Image
text/html

2a02:598:2::39
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.seznam.cz/wt/pridej-stranku?url=http%3A%2F%2Fyourbestlines.xyz/wyniki-badan-krwi-pdw-norma/
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:598:2::39 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Aug 2021 14:42:22 GMT
x-content-type-options: nosniff
server: envoy
x-frame-options: DENY
content-type: text/html
location: /wt/pridej-stranku?url=http%3A%2F%2Fyourbestlines.xyz/wyniki-badan-krwi-pdw-norma/
x-envoy-upstream-service-time: 0
content-length: 178
x-xss-protection: 1; mode=block

GET
H2 200 hero4.jpg
www.zaoda.xyz/img/ 379 KB
378 KB 18ms
18ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/hero4.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/hero4.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:40 GMT
server: nginx
etag: "6102883c-5e56d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 386413
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 bonus1_1.jpg
www.zaoda.xyz/img/ 21 KB
14 KB 51ms
50ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/bonus1_1.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/bonus1_1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-359b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 13723
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 bonus3_4.jpg
www.zaoda.xyz/img/ 24 KB
16 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/bonus3_4.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/bonus3_4.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-404a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 16458
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 bonus2_1.jpg
www.zaoda.xyz/img/ 37 KB
29 KB 51ms
50ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/bonus2_1.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/bonus2_1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-725a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 29274
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 basketbal2.jpg
www.zaoda.xyz/img/ 16 KB
16 KB 51ms
48ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/basketbal2.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/basketbal2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-4044"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 16452
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 volejbal3.jpg
www.zaoda.xyz/img/ 13 KB
13 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/volejbal3.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/volejbal3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-34ea"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 13546
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 box1.jpg
www.zaoda.xyz/img/ 10 KB
10 KB 51ms
48ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/box1.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/box1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-26ff"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 9983
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 baseball3.jpg
www.zaoda.xyz/img/ 10 KB
11 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/baseball3.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/baseball3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-2919"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 10521
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 futbal2.jpg
www.zaoda.xyz/img/ 13 KB
13 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/futbal2.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/futbal2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-31ec"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 12780
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 bike2.jpg
www.zaoda.xyz/img/ 20 KB
20 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/bike2.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/bike2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-4ff4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 20468
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 hokej2.jpg
www.zaoda.xyz/img/ 14 KB
14 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/hokej2.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/hokej2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-38f5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 14581
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 tenis4.jpg
www.zaoda.xyz/img/ 12 KB
12 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/tenis4.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/tenis4.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-2e81"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 11905
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 200 cta2.jpg
www.zaoda.xyz/img/ 20 KB
20 KB 51ms
49ms Image
image/jpeg 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zaoda.xyz/img/cta2.jpg
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:path: /img/cta2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.zaoda.xyz
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 14:42:22 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:51:39 GMT
server: nginx
etag: "6102883b-4e6a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800 public, max-age=604800s
content-length: 20074
expires: Mon, 30 Aug 2021 14:42:22 GMT

GET
H2 404 fontawesome-webfont.woff2
www.zaoda.xyz/fonts/ 0
0 51ms
49ms Font
text/html 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.zaoda.xyz
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:path: /fonts/fontawesome-webfont.woff2?v=4.4.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.zaoda.xyz
referer: https://www.zaoda.xyz/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.zaoda.xyz
Referer: https://www.zaoda.xyz/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:22 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zaoda.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 566970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:12:52 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zaoda.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 560508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:00:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zaoda.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:57:53 GMT
x-content-type-options: nosniff
age: 539069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:57:53 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 11 KB
12 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zaoda.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:42:00 GMT
x-content-type-options: nosniff
age: 579622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:42:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zaoda.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 03:22:29 GMT
x-content-type-options: nosniff
age: 559193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:22:29 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500,700,900&subset=latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zaoda.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:12:58 GMT
x-content-type-options: nosniff
age: 566964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:12:58 GMT

GET
H/1.1

200
OK

Primary Request register-step-1 Show response
account.efortuna.pl/
Redirect Chain

http://profi-zaklady.pl/
https://online.efortuna.pl/page?key=ej0xNDg4NjU4MCZsPTEzNTMwMTk4JnA9NTgzNA%3D%3D&var1=plgen
https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate

27 KB
9 KB

192ms
52ms

Document
text/html

2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: MWS Portal server /
Resource Hash: 3aba5600cd1e37374891947ca9cb470bcedf7d37f6e5ba9c5bdd894e72725973

Request headers

Host: account.efortuna.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.zaoda.xyz/

Response headers

Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
ETag: "611e3c44-6ca6"
Server: MWS Portal server
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8909
Cache-Control: max-age=300
Date: Mon, 23 Aug 2021 14:42:23 GMT
Connection: keep-alive
X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=

Redirect headers

date: Mon, 23 Aug 2021 14:42:23 GMT
location: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
content-encoding: gzip
p3p: CP="NON DEVa TAIa OUR BUS"
expires: Sat, 01 Jan 2000 01:00:00 GMT
last-modified: Mon, 23 Aug 2021 14:42:23 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
set-cookie: CLICK=9E63110CEC89BAFB318BCD71BBC072A9:23514; Expires=Tue, 24 Aug 2021 14:42:23 GMT; SameSite=None; Secure banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3;expires=Mon, 20-Sep-2021 14:42:23 GMT;domain=.efortuna.pl;path=/ banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3;expires=Mon, 20-Sep-2021 14:42:23 GMT;domain=.efortuna.pl;path=/ External=bGFuZGluZ1BhZ2VJZD0xMzUzMDE5OCZwcm9maWxlSWQ9NTgzNCZ6b25lSWQ9MTQ4ODY1ODAmdmFyMT1wbGdlbg==; Expires=Tue, 24-Aug-2021 14:42:23 GMT

GET
H2 200 fontawesome-webfont.woff
www.zaoda.xyz/fonts/ 79 KB
80 KB 18ms
18ms Font
application/font-woff 2a03:b0c0:2:d0::d9b:b
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zaoda.xyz/fonts/fontawesome-webfont.woff?v=4.4.0
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:2:d0::d9b:b Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.zaoda.xyz
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=t4r607r2m8089qf5vm362g403s
:path: /fonts/fontawesome-webfont.woff?v=4.4.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.zaoda.xyz
referer: https://www.zaoda.xyz/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.zaoda.xyz
Referer: https://www.zaoda.xyz/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:22 GMT
last-modified: Thu, 29 Jul 2021 08:33:26 GMT
server: nginx
etag: "610267d6-13d84"
content-type: application/font-woff
cache-control: max-age=1800 no-cache, private, max-age=1800, must-revalidate
accept-ranges: bytes
content-length: 81284
expires: Mon, 23 Aug 2021 15:12:22 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 31ms
31ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.zaoda.xyz
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 718
access-control-allow-origin: *
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e3d10536bc19663ce2cfaa033b0acf0b
accept-ranges: bytes
cf-ray: 68351b6bdd472c3a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mktechUtils-min.js Show response
tools.feg.technology/public/ 3 KB
3 KB 150ms
48ms Script
application/javascript 52.58.60.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.feg.technology/public/mktechUtils-min.js

Requested by

Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.60.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-60-200.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e0b724bf7880450fd0da800b19078c8a6784dea31fdf624a5c2d7a0986e5614e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 12:43:26 GMT
server: nginx
etag: "611fa36e-bcb"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 3019

GET
H2 200 api_dynamic.js Show response
cdn-eu.dynamicyield.com/api/9877342/ 269 KB
31 KB 45ms
10ms Script
application/javascript 2600:9000:20eb:ea00:1c:faf:c240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-eu.dynamicyield.com/api/9877342/api_dynamic.js
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ea00:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb1527bd6809652a65e55d22cc7322589745e4c6893ec6d3d5006542ae983361

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3QwxoeVtzwSk96mu2z6BtGSDw17SEiZ.
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 13:21:57 GMT
server: AmazonS3
age: 239
etag: W/"bb2eb5bc933da3e99e6318c30ddf008d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 23 Aug 2021 14:38:26 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: _ABISfb6wKp4FvV_1xrUhfroj6mHe3FAzwnoJFjTWlmSM93gKFNBIQ==

GET
H2 200 api_static.js Show response
cdn-eu.dynamicyield.com/api/9877342/ 287 KB
84 KB 44ms
10ms Script
application/javascript 2600:9000:20eb:ea00:1c:faf:c240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-eu.dynamicyield.com/api/9877342/api_static.js
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ea00:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45dff207f0f3e47e2ee84320c14f3de7439a529e3104b350e0062ce868c087bb

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: eOC8_L4sMbgn0JuXVGA9z0vo5qlgtet7
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 10:17:49 GMT
server: AmazonS3
age: 72100
etag: W/"75eeae88bc7bb28ea9b9a083a9987518"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 22 Aug 2021 19:14:23 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OLALpQ6FU644oip4oAZpbw8yE-SJz0RHm812jT189PCe_ySxoY8g9w==

GET
H2 200 sc_applepay.min.js Show response
cdn.safecharge.com/safecharge_resources/v1/ 6 KB
2 KB 170ms
56ms Script
application/javascript 104.70.80.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.safecharge.com/safecharge_resources/v1/sc_applepay.min.js
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.70.80.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-70-80-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5ce156f7783b1591f624893e98fbafe8728315f74ed2b54c7244716acf512b16

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 07:49:25 GMT
vary: Accept-Encoding
p3p: CP="ALL ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin
cache-control: must-revalidate, max-age=86400
accept-ranges: bytes
content-type: application/javascript
content-length: 2281

GET
H3-29 200 css
fonts.googleapis.com/ 6 KB
669 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 12:47:48 GMT
server: ESF
date: Mon, 23 Aug 2021 14:42:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Aug 2021 14:42:23 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 5 KB
606 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,600,700

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 13:56:53 GMT
server: ESF
date: Mon, 23 Aug 2021 14:42:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Aug 2021 14:42:23 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
81 KB 45ms
42ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9G6GW6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff4ddfff5351fd88626a6d0721e33294ec859c0840725ad6ffc8843b0be3aaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83369
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Aug 2021 14:42:23 GMT

GET
H2 200 st Show response
st-eu.dynamicyield.com/ 6 KB
2 KB 111ms
45ms Script
text/javascript 2600:9000:2190:f800:7:cc3d:2400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st-eu.dynamicyield.com/st?sec=9877342&inHead=true&id=0&jsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk&ref=&scriptVersion=1.28.3&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22OTHER%22%7D
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f800:7:cc3d:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f3518a48eba820deae4b64b7f5fe8bab4a96fc5078cc56ad252afe6ab2aace1

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/javascript; charset=utf-8
x-amz-cf-id: uMcp_R-h_Xpck8I6FjPeRlPWKs_W5DHMCKM9f44a1qb0kQBkg1-Z5A==
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
expires: Mon, 23 Aug 2021 14:42:22 GMT

GET
H/1.1 200
OK style.raw.css
account.efortuna.pl/ftnpl_pl-account-theme/css/ 476 KB
70 KB 62ms
61ms Stylesheet
text/css 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: MWS Portal server /
Resource Hash: a7ba283769505f4b97ce3333615d4f514e50de86104e66ccc0fbdc81c422becb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account.efortuna.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; _dyjsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk; dy_fs_page=account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate; _dy_csc_ses=5tuo9posfe9rfc4hvw4hageeiap7dcyk; _dy_c_exps=; _dy_soct=1038031.1082767.1629729743*1031756.1063360.1629729743
Connection: keep-alive
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=
Date: Mon, 23 Aug 2021 14:42:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
Server: MWS Portal server
ETag: W/"611e3c44-76fc7"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2628000
Connection: keep-alive
Content-Length: 71403
Expires: Thu, 23 Sep 2021 00:42:23 GMT

GET
H/1.1 200
OK bundle.css
account.efortuna.pl/ftnpl_pl-account-theme/js/app-out/ 405 KB
69 KB 184ms
77ms Stylesheet
text/css 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://account.efortuna.pl/ftnpl_pl-account-theme/js/app-out/bundle.css?t=1625666540
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: Playtech Web Server /
Resource Hash: e0b3986170bceab376ad115384ae3be389165a9fdd1e38b953f4d87fe4a0e514

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account.efortuna.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; _dyjsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk; dy_fs_page=account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate; _dy_csc_ses=5tuo9posfe9rfc4hvw4hageeiap7dcyk; _dy_c_exps=; _dy_soct=1038031.1082767.1629729743*1031756.1063360.1629729743
Connection: keep-alive
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=
Date: Mon, 23 Aug 2021 14:42:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
Server: Playtech Web Server
ETag: W/"611e3c44-65230"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2628000
Connection: keep-alive
Content-Length: 69984
Expires: Thu, 23 Sep 2021 00:42:23 GMT

GET
H/1.1 200
OK custom-variables.css
account.efortuna.pl/ftnpl_pl-account-theme/css/ 0
416 B 158ms
51ms Stylesheet
text/css 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://account.efortuna.pl/ftnpl_pl-account-theme/css/custom-variables.css?t=0
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: Playtech Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account.efortuna.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; _dyjsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk; dy_fs_page=account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate; _dy_csc_ses=5tuo9posfe9rfc4hvw4hageeiap7dcyk; _dy_c_exps=; _dy_soct=1038031.1082767.1629729743*1031756.1063360.1629729743
Connection: keep-alive
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=
Date: Mon, 23 Aug 2021 14:42:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
Server: Playtech Web Server
ETag: "611e3c44-0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2628000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20
Expires: Thu, 23 Sep 2021 00:42:23 GMT

GET
H/1.1 200
OK main.min.js Show response
account.efortuna.pl/ftnpl_pl-account-theme/js/dist/ 3 MB
692 KB 160ms
53ms Script
application/javascript 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://account.efortuna.pl/ftnpl_pl-account-theme/js/dist/main.min.js?t=1625666538
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: MWS Portal server /
Resource Hash: 05082fbd758bfa4370df85f036a4d1bfb20dcc12dcf1bbdc672dd4c7228fe679

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account.efortuna.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; _dyjsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk; dy_fs_page=account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate; _dy_csc_ses=5tuo9posfe9rfc4hvw4hageeiap7dcyk; _dy_c_exps=; _dy_soct=1038031.1082767.1629729743*1031756.1063360.1629729743
Connection: keep-alive
Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=
Date: Mon, 23 Aug 2021 14:42:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
Server: MWS Portal server
ETag: "611e3c44-30c7ef"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=2628000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 708169
Expires: Thu, 23 Sep 2021 00:42:23 GMT

GET
H3-29

200

activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fc... Show response
9476762.fls.doubleclick.net/ Frame F56B
Redirect Chain

https://9476762.fls.doubleclick.net/activityi;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3...
https://9476762.fls.doubleclick.net/activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccou...

550 B
456 B

134ms
69ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9476762.fls.doubleclick.net/activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9G6GW6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

416faf21e718beda3d0b0bac5314e4921cf0355cb362270ca3c9393df0887cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9476762.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.efortuna.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGxlTdObp2Ys8YtB948ftbsXsXs2Itho810pNJ0SBoRmphult2vffXl27D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Aug 2021 14:42:23 GMT
expires: Mon, 23 Aug 2021 14:42:23 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Aug 2021 14:42:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9476762.fls.doubleclick.net/activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9G6GW6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5322
date: Mon, 23 Aug 2021 13:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 23 Aug 2021 15:13:41 GMT

GET
H2 200 misc Show response
zz.connextra.com/dcs/tagController/tag/31052250ef94/ 44 KB
16 KB 177ms
74ms Script
text/javascript 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/dcs/tagController/tag/31052250ef94/misc
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9G6GW6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 61a65eadebb55dccca7d9ad79406804198172f3cb5182565af500b58c3952c6c

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
cache-control: must-revalidate, max-age=102
content-type: text/javascript;charset=utf-8
content-length: 15992
vary: Accept-Encoding
expires: Mon, 23 Aug 2021 14:44:05 GMT

GET
H/1.1 200
OK cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Show response
t.goadservices.com/tags/ 3 KB
3 KB 177ms
64ms Script
application/javascript 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.goadservices.com/tags/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f?url=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: 6d0773fde2d63ba2eaffc7c5be937ff82189a14aa7baa7e832ef4ff5b8d38637

Request headers

Referer: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:23 GMT
Cache-Control: private, no-cache, no-store
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: aKvEIPMPWBfKivUXhP+HJEvPh5Ld8Di4Z1SXweNprD7M+E6lc8YLUgEVTHeHUcn2xPp0/eag0eKAczzcSrA+Pw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 23 Aug 2021 14:42:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 regstart Show response
zz.connextra.com/dcs/tagController/tag/31052250ef94/ 44 KB
16 KB 203ms
102ms Script
text/javascript 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/dcs/tagController/tag/31052250ef94/regstart
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9G6GW6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9792f3f86bc5b02b5931675a9d199f809476ac8b10b10643e501e7967a10d1a

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
cache-control: must-revalidate, max-age=196
content-type: text/javascript;charset=utf-8
content-encoding: gzip
content-length: 15995
vary: Accept-Encoding
expires: Mon, 23 Aug 2021 14:45:39 GMT

GET
H2 200 activityi;register_conversion=1;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3D...
9476762.fls.doubleclick.net/ 0
0 174ms
83ms Image
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9476762.fls.doubleclick.net/activityi;register_conversion=1;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate?
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 2765.js Show response
script.crazyegg.com/pages/scripts/0053/ 5 KB
2 KB 32ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0053/2765.js?452702
Requested by: Host: www.zaoda.xyz
URL: https://www.zaoda.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ef0f2ce59af2dc5a902a2efdaafc7f15701878d0a7b2241de77a976c353765

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4892
cf-polished: origSize=4899
cf-ray: 68351b71dac01762-FRA
ce-version: 11.1.323
last-modified: Mon, 23 Aug 2021 13:20:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1614443680&t=pageview&_s=1&dl=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&ul=en-us&de=UTF-8&dt=eFortuna&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUADQAAAAC~&jid=1670870523&gjid=314008098&cid=1131869698.1629729744&tid=UA-91309247-3&_gid=1929519262.1629729744&_r=1&gtm=2wg8i0T9G6GW6&cd5=23%20Aug%202021%2016%3A42%3A23&z=690357805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.efortuna.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 108 KB
42 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NHZQX7W&t=mainTracker&cid=1131869698.1629729744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

393c0f1424adb529f6b939220ecd0f302f6d9a5aa73a1875d7b947ff8ebf3f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42603
x-xss-protection: 0
expires: Mon, 23 Aug 2021 14:42:23 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-91309247-3&cid=1131869698.1629729744&jid=1670870523&gjid=314008098&_gid=1929519262.1629729744&_u=YEBAAUACQAAAAC~&z=730374581

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 Aug 2021 14:42:23 GMT
content-type: text/plain
access-control-allow-origin: https://account.efortuna.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fortuna-preloader-logo.png
account.efortuna.pl/ftnpl_pl-account-theme/images/ 59 KB
58 KB 62ms
59ms Image
image/png 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://account.efortuna.pl/ftnpl_pl-account-theme/images/fortuna-preloader-logo.png?t=1625666539780
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: Playtech Web Server /
Resource Hash: eb0fbc6d02f9130daa7ccfbc21c80ef2fe688d985067d0371ca4de18734d6b71

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account.efortuna.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; _dyjsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk; dy_fs_page=account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate; _dy_csc_ses=5tuo9posfe9rfc4hvw4hageeiap7dcyk; _dy_c_exps=; _dy_soct=1038031.1082767.1629729743*1031756.1063360.1629729743; _gcl_au=1.1.717791512.1629729744; _ga=GA1.2.1131869698.1629729744; _gid=GA1.2.1929519262.1629729744; _gat_mainTracker=1
Connection: keep-alive
Referer: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=
Date: Mon, 23 Aug 2021 14:42:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
Server: Playtech Web Server
ETag: "611e3c44-eb8d"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2628000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59234
Expires: Thu, 23 Sep 2021 00:42:23 GMT

GET
H/1.1 200
OK fortuna-spinner.gif
account.efortuna.pl/ftnpl_pl-account-theme/images/ 3 KB
3 KB 87ms
51ms Image
image/gif 2.16.186.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://account.efortuna.pl/ftnpl_pl-account-theme/images/fortuna-spinner.gif?t=1625666539780
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-121.deploy.static.akamaitechnologies.com
Software: MWS Portal server /
Resource Hash: 0229c9488d602ad6ab664fab5f0845184531f0bc3cee40acf90258db9dd76b4f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: account.efortuna.pl
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
Cookie: banner_click=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; banner_domainclick=datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3; _dyjsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk; dy_fs_page=account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate; _dy_csc_ses=5tuo9posfe9rfc4hvw4hageeiap7dcyk; _dy_c_exps=; _dy_soct=1038031.1082767.1629729743*1031756.1063360.1629729743; _gcl_au=1.1.717791512.1629729744; _ga=GA1.2.1131869698.1629729744; _gid=GA1.2.1929519262.1629729744; _gat_mainTracker=1
Connection: keep-alive
Referer: https://account.efortuna.pl/ftnpl_pl-account-theme/css/style.raw.css?t=1625666540
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-WPL-DATA: UEw=,V0FSU0FX,dmhpZ2g=
Date: Mon, 23 Aug 2021 14:42:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 11:11:00 GMT
Server: MWS Portal server
ETag: "611e3c44-a6b"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2628000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2209
Expires: Thu, 23 Sep 2021 00:42:23 GMT

GET
H3-29 200 1012513492244717 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1012513492244717?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

017e40fd74f68f457d9582643fc4f895a4f3f325d6853793b43cd0c7fcda1b0a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73393
x-xss-protection: 0
pragma: public
x-fb-debug: GCDAywZoK4NB8pfxnMGXDwQIEisydhWR2o0oZuLMm+1EuqsNME96+nKCfYjiZpTH9UqrNmf2DNmwQsRU7WWRIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 23 Aug 2021 14:42:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dy-coll-nojq-min.js Show response
cdn-eu.dynamicyield.com/scripts/1.28.3/ 106 KB
31 KB 10ms
9ms Script
application/javascript 2600:9000:20eb:ea00:1c:faf:c240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Requested by: Host: st-eu.dynamicyield.com
URL: https://st-eu.dynamicyield.com/st?sec=9877342&inHead=true&id=0&jsession=5tuo9posfe9rfc4hvw4hageeiap7dcyk&ref=&scriptVersion=1.28.3&isSesNew=true&dyid_server=&ctx=%7B%22type%22%3A%22OTHER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ea00:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64a5b0da9850296d3cbf173bb49b3104b6428024bb1ae1449ba9df054350a8cb

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 11:49:14 GMT
content-encoding: gzip
last-modified: Sun, 25 Jul 2021 08:37:44 GMT
server: AmazonS3
age: 1911190
etag: W/"7dd6e1439cb180fb57389d81a28f47fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ixEP_Y6utLIKao8IvyxYw5nD.dTWLr8U
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-replication-status: FAILED
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: sOpIfYsWI8U6XkZYrjpnlqXB-Dr61CefI4lEWyjMN-1D8KK4ZtQhog==

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-91309247-3&cid=1131869698.1629729744&jid=1670870523&_u=YEBAAUACQAAAAC~&z=1238960097

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-91309247-3&cid=1131869698.1629729744&jid=1670870523&_u=YEBAAUACQAAAAC~&z=1238960097

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2765.json Show response
script.crazyegg.com/pages/data-scripts/0053/ 11 KB
2 KB 32ms
15ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0053/2765.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0053/2765.js?452702
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c899fadc25d7ef794cdcbdc6031ddddda962dbc779311f7c2b4a87271885c7cb

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4888
ce-version: 11.1.323
content-length: 1978
timing-allow-origin: *
last-modified: Mon, 23 Aug 2021 13:20:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 68351b725ef24303-FRA

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1012513492244717&ev=PageView&dl=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&rl=&if=false&ts=1629729743750&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629729743748.290799798&it=1629729743682&coo=false&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 14:42:23 GMT

GET
H2 200 63d0d9937de4c282cb1a64574d7ede3c.json Show response
cdn-eu.dynamicyield.com/variations/9877342/1054730/100409822/ 6 KB
2 KB 28ms
9ms XHR
application/json 2600:9000:20eb:ea00:1c:faf:c240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-eu.dynamicyield.com/variations/9877342/1054730/100409822/63d0d9937de4c282cb1a64574d7ede3c.json
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/api/9877342/api_static.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ea00:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90dd1e24ab134d0ef5604a8592164d8a3322deb77b75724f7d78296a5ed7b4af

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: UwbsdPq.ORpeWwT3oJd7bmraONtJSoES
content-encoding: gzip
etag: W/"63d0d9937de4c282cb1a64574d7ede3c"
age: 52566
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: FAILED
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 13:31:37 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:34:30 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1ur_YSs195Zu8VB3cFJEWcvmza5GGnZdmtsbj_Jeki973mJyYsY8Vw==

POST
H2 200 uia Show response
async-px-eu.dynamicyield.com/ 0
227 B 156ms
50ms XHR
text/plain 18.157.140.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px-eu.dynamicyield.com/uia?cnst=1&_=1629729743816
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.140.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:23 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 11.1.323.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 19ms
19ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0053/2765.js?452702
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 13:13:31 GMT
server: cloudflare
age: 4893
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 68351b72dc681762-FRA
content-length: 21471

GET
H2 200 var Show response
async-px-eu.dynamicyield.com/ 0
228 B 139ms
49ms XHR
text/plain 18.157.140.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px-eu.dynamicyield.com/var?cnst=1&_=999052&msn=webserve-6f39651.euc1&uid=4719773373186683855&sec=9877342&t=ri&e=1082461&p=1&ve=100779107&va=%5B100393743%5D&ses=e5acf6cf9b6c39e5ddc2772b2d16949b&expSes=137&aud=1109810.1109814&expVisitId=-2937449424530812463&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1629729743832&rri=167616
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.140.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:23 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H/1.1 200
OK cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Show response
t.goadservices.com/engine/ 25 KB
25 KB 69ms
69ms Script
application/javascript 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.goadservices.com/engine/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f
Requested by: Host: t.goadservices.com
URL: https://t.goadservices.com/tags/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f?url=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: c3480739214025a02f702580948251947ed2a10388c83c698373b5395d835d2d

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:23 GMT
Last-Modified: Fri, 23 Jul 2021 11:13:42 GMT
Server: nginx
Connection: keep-alive
Etag: "0e9877b25f06e53e5e9f4f0c398514c6"
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8

GET
H3-29 200 css
fonts.googleapis.com/ 3 KB
449 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap:400,500,700

Requested by

Host: account.efortuna.pl
URL: https://account.efortuna.pl/ftnpl_pl-account-theme/js/app-out/bundle.css?t=1625666540

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb487c69339a5d6d34f655fc94ec639ecdb2f80f434988a09a801de272db6a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 13:53:34 GMT
server: ESF
date: Mon, 23 Aug 2021 14:42:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Aug 2021 14:42:23 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1614443680&t=event&ni=0&_s=2&dl=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&ul=en-us&de=UTF-8&dt=eFortuna&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DY%20Smart%20Action&ea=Notification%2018%2B%20(Desktop)&el=Experience%201%20(Variation%201)&ev=0&_u=aGBAAUADQAAAAC~&jid=&gjid=&cid=1131869698.1629729744&tid=UA-91309247-3&_gid=1929519262.1629729744&gtm=2wg8i0T9G6GW6&cd5=23%20Aug%202021%2016%3A42%3A23&z=91752197

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 13:17:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5109
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a9f4df93b39f__ftn18.svg
cdn-eu.dynamicyield.com/api/9877342/images/ 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2600:9000:20eb:ea00:1c:faf:c240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-eu.dynamicyield.com/api/9877342/images/a9f4df93b39f__ftn18.svg
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ea00:1c:faf:c240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac1faf000a6c8ed0ddf6ed83bb18c16dc16911f3c3acb9e9a64ce265c548fc2e

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: TzZxEH4ksRNxhP6p5DLY.PEklOYo93tR
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:00:47 GMT
server: AmazonS3
age: 317990
etag: W/"010cd7ca42fa215b981e4407bb384406"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: max-age=604800
date: Thu, 19 Aug 2021 22:22:34 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Uj0GkNZqjX5Nuz4q1LgYi4hlr27mpJcu97ND-sxn0XfoRWdsW1F2uQ==

GET
H2 200 2765.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0053/ 578 B
339 B 15ms
15ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0053/2765.json?t=452702
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82d23dc2942db7a397cde1d5ff0ce30f5700f26adfa5d3981297f365ada512a

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4887
ce-version: 11.1.323
content-length: 246
timing-allow-origin: *
last-modified: Mon, 23 Aug 2021 13:20:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 68351b7329204303-FRA

POST
H2 200 batch Show response
async-px-eu.dynamicyield.com/ 0
227 B 52ms
52ms XHR
text/plain 18.157.140.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px-eu.dynamicyield.com/batch?cnst=1&_=1629729743948_617103
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.140.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:23 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H/1.1 200
OK cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Show response
t.goadservices.com/v2/tag/ 387 B
1 KB 40ms
38ms Script
application/javascript 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.goadservices.com/v2/tag/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f?data=%5B%5B%22_ENTRY%22%5D%5D&url=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&rid=1629729744230-922866
Requested by: Host: t.goadservices.com
URL: https://t.goadservices.com/engine/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: 927fb13475ffc4bdf6c5aad01c1c70f49891e55b63ad99d987e292012ce2816a

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:24 GMT
Server: nginx
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 /
csr.onet.pl/_s/c/ 43 B
418 B 172ms
69ms Image
image/gif 75.2.119.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csr.onet.pl/_s/c/?id=gopl05
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.2.119.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1ef697b048852c56.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:24 GMT
server: Ring Publishing - Accelerator
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
etag: "317496a096d6c86486a71d4521994bcd171a6bb3"
access-control-allow-methods: POST,GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
content-length: 43

GET
H2 200 /
csr.onet.pl/_s/c/ 43 B
419 B 158ms
55ms Image
image/gif 75.2.119.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csr.onet.pl/_s/c/?id=gopl03
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 75.2.119.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1ef697b048852c56.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:24 GMT
server: Ring Publishing - Accelerator
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
etag: "317496a096d6c86486a71d4521994bcd171a6bb3"
access-control-allow-methods: POST,GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
content-length: 43

POST
H2 200 batch Show response
async-px-eu.dynamicyield.com/ 0
227 B 50ms
49ms XHR
text/plain 18.157.140.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px-eu.dynamicyield.com/batch?cnst=1&_=1629729744232_590199
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.140.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:24 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eb19f86c6d5d6ec3a08289ba115cc4493a9c9528c0f16bed609aa3c7ea5fa5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=*;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26prom...
adservice.google.com/ddm/fls/z/ Frame F56B 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=*;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate

Requested by

Host: 9476762.fls.doubleclick.net
URL: https://9476762.fls.doubleclick.net/activityi;dc_pre=CJmR07Owx_ICFSUVBgAd5lUJKQ;src=9476762;type=pgv;cat=pgv0;ord=4093487117978;gtm=2wg8i0;auiddc=717791512.1629729744;ps=1;~oref=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9476762.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1012513492244717&ev=Microdata&dl=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&rl=&if=false&ts=1629729744253&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22eFortuna%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Faccount.efortuna.pl%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Rejestracja%20-%20Fortuna%22%2C%22og%3Adescription%22%3A%22Wype%C5%82nij%20formularz%20rejestracyjny.%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Faccount.efortuna.pl%2Flibrary%2FOpenGraph%2Fimage.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629729743748.290799798&it=1629729743682&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 14:42:24 GMT

GET
H/1.1 200
OK cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Show response
t.goadservices.com/v2/check/ 365 B
552 B 38ms
38ms Script
application/javascript 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.goadservices.com/v2/check/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f?id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&rid=1629729744329-879214
Requested by: Host: t.goadservices.com
URL: https://t.goadservices.com/engine/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: 41943a578edb0e3df31fe4659c25bf32c795ea2c0f3042274c7b42687dd9ebb0

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK / Show response
m.goadservices.com/other/ Frame F10D 2 KB
2 KB 140ms
35ms Document
text/html 195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.goadservices.com/other/?id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
Requested by: Host: t.goadservices.com
URL: https://t.goadservices.com/engine/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: f00f46bfb4110ac4cdc54cbb71cd552260e4e2c1af26aa91cac0a2cff2a0f30c

Request headers

Host: m.goadservices.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://account.efortuna.pl/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __goadservices=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ; path_cb9086db-27fa-4dd8-8cc2-77f9ad4d111f=5141ba389f625d6e22c3c67a8ef942dc; session_cb9086db-27fa-4dd8-8cc2-77f9ad4d111f=a2ad84861d0cd65213fa1dadc3fde4a9; lu_cb9086db-27fa-4dd8-8cc2-77f9ad4d111f=YWZmaWxpYXRl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://account.efortuna.pl/

Response headers

Server: nginx
Date: Mon, 23 Aug 2021 14:42:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

pixel
cm.adform.net/
Redirect Chain

https://m.goadservices.com/match/adformssp?sync=1
https://cm.adform.net/pixel?adform_pid=13&adform_v=1&adform_pc=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ

43 B
162 B

143ms
46ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=13&adform_v=1&adform_pc=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:24 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://cm.adform.net/pixel?adform_pid=13&adform_v=1&adform_pc=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
Date: Mon, 23 Aug 2021 14:42:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ 43 B
163 B 174ms
57ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=55&gdpr=0&partneruserid=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&redirurl=%2F%2Fm.goadservices.com%2Fmatch%2Fsmart%3Fid%3D3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ%26pid%3DSMART_USER_ID
Requested by: Host: account.efortuna.pl
URL: https://account.efortuna.pl/register-step-1?clienttype=sportsbook&promocode=POSWOJEMU600&utm_source=affiliate&utm_medium=banner_text&utm_campaign=SPB_ACQ_affiliate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:24 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

doubleclick_new
m.goadservices.com/match/ Frame F10D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gopl_sp_z_oo&google_cm&google_sc&id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&google_hm=MjkwNDYwNTAyNQ&google_ula=730944920
https://m.goadservices.com/match/doubleclick_new?id=[GOADSERVICES-ID]&google_gid=[GOOGLE_ID]&id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&google_gid=CAESEOtFrkZnjaVmpW4PtP51izU&google_cver=1&go...

43 B
244 B

39ms
39ms

Image
image/gif

195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.goadservices.com/match/doubleclick_new?id=[GOADSERVICES-ID]&google_gid=[GOOGLE_ID]&id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&google_gid=CAESEOtFrkZnjaVmpW4PtP51izU&google_cver=1&google_ula=730944920,0
Requested by: Host: m.goadservices.com
URL: https://m.goadservices.com/other/?id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://m.goadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:24 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif; charset=UTF-8

Redirect headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.goadservices.com/match/doubleclick_new?id=[GOADSERVICES-ID]&google_gid=[GOOGLE_ID]&id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ&google_gid=CAESEOtFrkZnjaVmpW4PtP51izU&google_cver=1&google_ula=730944920,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adocean
m.goadservices.com/match/ Frame F10D
Redirect Chain

https://cmpl.hit.gemius.pl/externalrehitredir?rid=qleoqqmfjy/id=d6ZK6Adicw7Az192pyAWOLbtnKPYsTAZpQ_fFEbGPfz.m7/extra=userid%3D3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
https://cmpl.hit.gemius.pl/__/externalrehitredir?rid=qleoqqmfjy/id=d6ZK6Adicw7Az192pyAWOLbtnKPYsTAZpQ_fFEbGPfz.m7/extra=userid%3D3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
https://m.goadservices.com/match/adocean?pid=sWV3IX8Od9HiKUabpmoUpr4thdEN.anWNZuJlvkI.D..Y7

43 B
432 B

41ms
41ms

Image
image/gif

195.177.217.192
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.goadservices.com/match/adocean?pid=sWV3IX8Od9HiKUabpmoUpr4thdEN.anWNZuJlvkI.D..Y7
Requested by: Host: m.goadservices.com
URL: https://m.goadservices.com/other/?id=3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.177.217.192 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-217-192.dataspace.pl
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://m.goadservices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:24 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif; charset=UTF-8

Redirect headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:24 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://m.goadservices.com/match/adocean?pid=sWV3IX8Od9HiKUabpmoUpr4thdEN.anWNZuJlvkI.D..Y7
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 22 Aug 2021 14:42:24 GMT

POST
H2 200 31052250ef94 Show response
zz.connextra.com/FortunaPL/dcs/tagController/tagData/ 0
394 B 62ms
62ms XHR
text/plain 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/FortunaPL/dcs/tagController/tagData/31052250ef94
Requested by: Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/31052250ef94/misc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account.efortuna.pl
date: Mon, 23 Aug 2021 14:42:24 GMT
access-control-allow-credentials: true
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length: 0
vary: Origin
content-type: text/plain

POST
H2 200 31052250ef94 Show response
zz.connextra.com/FortunaPL/dcs/tagController/tagData/ 0
397 B 67ms
67ms XHR
text/plain 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/FortunaPL/dcs/tagController/tagData/31052250ef94
Requested by: Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/31052250ef94/regstart
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account.efortuna.pl
date: Mon, 23 Aug 2021 14:42:24 GMT
access-control-allow-credentials: true
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length: 0
vary: Origin
content-type: text/plain

GET
H/1.1 200
OK sdk.js Show response
src.webpu.sh/rKiJd0tk4B18dbLXUxONST4HCOrZETOd/ 168 KB
36 KB 563ms
373ms Script
text/javascript 34.249.73.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://src.webpu.sh/rKiJd0tk4B18dbLXUxONST4HCOrZETOd/sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9G6GW6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.73.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-73-169.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 766d0bd3400372c9e977f193f4936440b3912d2e51c4fff57fa0d02984643e17

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 14:42:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 09:21:18 GMT
Server: openresty
x-amz-request-id: 6KSKG53AKA9QJMBT
ETag: W/"6faeb13edeef6bbe859af156bffa2811"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: jS1Xwlgpz/9TMZ2mAUwvGuULv01nP0p40JZuMzNL+smNnaoGkMWlOOoCww9bi/mwY2HPvDAOnAY=

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1614443680&t=event&ni=0&_s=3&dl=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&ul=en-us&de=UTF-8&dt=eFortuna&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registration&ea=Registration%20page%20visit&_u=aGBAAUADQAAAAC~&jid=&gjid=&cid=1131869698.1629729744&tid=UA-91309247-3&_gid=1929519262.1629729744&gtm=2wg8i0T9G6GW6&cd5=23%20Aug%202021%2016%3A42%3A24&z=96764777

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 13:17:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1012513492244717&ev=AddToWishlist&dl=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&rl=&if=false&ts=1629729744737&cd[content_category]=&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1629729743748.290799798&it=1629729743682&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 14:42:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 14:42:24 GMT

GET
H2 200 imp Show response
async-px-eu.dynamicyield.com/ 0
227 B 54ms
54ms XHR
text/plain 18.157.140.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px-eu.dynamicyield.com/imp?cnst=1&msn=webserve-6f39651.euc1&id=4719773373186683855&sec=9877342&imps%5B0%5D=dy_unit%7Csmart_object_1137065%7C%7C1200%7C%7C%7C&cl=dk.w.c.ws.&bl=0&l=def&p=1&sd=&rf=&trf=0&sr=1600x1200&ses=e5acf6cf9b6c39e5ddc2772b2d16949b&aud=1109810.1109814&svars=&url=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate&exps=%5B%5B%221063056%22%2C%22100589692%22%2C%22100345035%22%2C0%2Cnull%2Cnull%2C%22-2937449427430183465%22%2C%222%22%2C%223%22%5D%2C%5B%221082461%22%2C%22100779107%22%2C%22100393743%22%2C0%2Cnull%2Cnull%2C%22-2937449424530812463%22%2C%221%22%2Cnull%5D%2C%5B%221136809%22%2C%22100658755%22%2C%22100577946%22%2C0%2Cnull%2Cnull%2C%22-2937449425291111016%22%2C%221%22%2Cnull%5D%5D&expSes=137&reqts=1629729744771&rri=389044&_=1629729744771
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.140.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:24 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

GET
H2 200 var Show response
async-px-eu.dynamicyield.com/ 0
227 B 51ms
50ms XHR
text/plain 18.157.140.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async-px-eu.dynamicyield.com/var?cnst=1&_=820141&msn=webserve-6f39651.euc1&uid=4719773373186683855&sec=9877342&t=ri&e=1136809&p=1&ve=100658755&va=%5B100577946%5D&ses=e5acf6cf9b6c39e5ddc2772b2d16949b&expSes=137&aud=1109810.1109814&expVisitId=-2937449425291111016&mech=1&smech=null&eri=1&tsrc=Direct&reqts=1629729746737&rri=2665637
Requested by: Host: cdn-eu.dynamicyield.com
URL: https://cdn-eu.dynamicyield.com/scripts/1.28.3/dy-coll-nojq-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.140.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-140-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.efortuna.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 14:42:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
content-length: 0
expires: 0

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goadservices.com/	1970-01-19 21:25:21	Name: lu_cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Value: YWZmaWxpYXRl
.efortuna.pl/	1970-01-20 14:13:21	Name: __goadservices Value: 3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
.efortuna.pl/	1970-01-19 22:51:45	Name: _fbp Value: fb.1.1629729743748.290799798
.goadservices.com/	1970-01-19 21:25:21	Name: path_cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Value: 5141ba389f625d6e22c3c67a8ef942dc
.efortuna.pl/	1970-01-19 21:25:21	Name: _dy_toffset Value: 0
.doubleclick.net/	1970-01-20 06:03:45	Name: IDE Value: AHWqTUmGxlTdObp2Ys8YtB948ftbsXsXs2Itho810pNJ0SBoRmphult2vffXl27D
.efortuna.pl/	1970-01-19 21:25:21	Name: _dy_geo Value: DE.EU.DE_.DE__
.efortuna.pl/	1969-12-31 23:59:59	Name: _dyfs Value: 1629729743756
.goadservices.com/	1970-01-19 20:42:13	Name: session_cb9086db-27fa-4dd8-8cc2-77f9ad4d111f Value: a2ad84861d0cd65213fa1dadc3fde4a9
.efortuna.pl/	1970-01-19 20:42:12	Name: _dy_csc_ses Value: 5tuo9posfe9rfc4hvw4hageeiap7dcyk
.efortuna.pl/	1970-01-19 21:25:21	Name: _dy_df_geo Value: Germany..
.efortuna.pl/	1970-01-19 21:25:21	Name: _dyid Value: 4719773373186683855
.efortuna.pl/	1970-01-19 21:25:21	Name: _dycst Value: dk.w.c.ws.
.efortuna.pl/	1970-01-19 20:42:09	Name: _gat_mainTracker Value: 1
.efortuna.pl/	1970-01-20 05:27:45	Name: _dy_soct Value: 1038031.1082767.16297297431031756.1063360.16297297431054730.1137065.1629729743
.efortuna.pl/	1970-01-19 20:42:11	Name: _dyjsession Value: 5tuo9posfe9rfc4hvw4hageeiap7dcyk
.efortuna.pl/	1970-01-19 21:22:28	Name: banner_click Value: datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3
.efortuna.pl/	1969-12-31 23:59:59	Name: dy_fs_page Value: account.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3Dposwojemu600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3Dspb_acq_affiliate
.efortuna.pl/	1970-01-20 14:13:21	Name: _ga Value: GA1.2.1131869698.1629729744
.efortuna.pl/	1970-01-19 22:51:45	Name: _gcl_au Value: 1.1.717791512.1629729744
.efortuna.pl/	1970-01-19 21:22:28	Name: banner_domainclick Value: datamining%2C%2C%2C%2Cadmap%3AF71C4061BEDB09A04CD088CB382956F3
.efortuna.pl/	1970-01-19 21:25:21	Name: _dy_c_exps Value:
.efortuna.pl/	1970-01-19 21:25:21	Name: _dycnst Value: dg
.goadservices.com/	1970-01-20 14:13:21	Name: __goadservices Value: 3-xPeA2_gait1VDEc7u1KvmeOiJvAeFJCojE3BYnW91MQ
.efortuna.pl/	1970-01-19 20:43:36	Name: _gid Value: GA1.2.1929519262.1629729744

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://t.goadservices.com/tags/cb9086db-27fa-4dd8-8cc2-77f9ad4d111f?url=https%3A%2F%2Faccount.efortuna.pl%2Fregister-step-1%3Fclienttype%3Dsportsbook%26promocode%3DPOSWOJEMU600%26utm_source%3Daffiliate%26utm_medium%3Dbanner_text%26utm_campaign%3DSPB_ACQ_affiliate(Line 48) Message: _go_test

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

088.cz
9476762.fls.doubleclick.net
account.efortuna.pl
adservice.google.com
ajax.googleapis.com
async-px-eu.dynamicyield.com
cdn-eu.dynamicyield.com
cdn.safecharge.com
cm.adform.net
cm.g.doubleclick.net
cmpl.hit.gemius.pl
connect.facebook.net
csr.onet.pl
fonts.googleapis.com
fonts.gstatic.com
m.goadservices.com
maxcdn.bootstrapcdn.com
online.efortuna.pl
profi-zaklady.pl
rtb-csync.smartadserver.com
script.crazyegg.com
search.seznam.cz
src.webpu.sh
st-eu.dynamicyield.com
stats.g.doubleclick.net
t.goadservices.com
tools.feg.technology
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.zaoda.xyz
zaoda.xyz
zz.connextra.com
104.70.80.118
142.250.185.162
142.250.186.38
18.157.140.191
185.11.128.205
185.86.139.114
195.177.217.192
2.16.186.121
23.37.44.220
2600:9000:20eb:ea00:1c:faf:c240:93a1
2600:9000:2190:f800:7:cc3d:2400:93a1
2606:4700::6812:acf
2606:4700::6812:bcf
2606:4700::6813:9308
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a02:598:2::39
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:b0c0:2:d0::d9b:b
2a03:b0c0:2:f0::3d:8001
34.249.73.169
34.254.102.144
37.157.4.28
52.58.60.200
75.2.119.157
77.78.104.3
00a31392c8bea26433ddad21bb66d9d53c4ab49688cc5cdebacd11a4845cc5f7
00a6d03a0057e58bb3459c0630e67fbc81abd7bea1395319f45702889e794a2f
017e40fd74f68f457d9582643fc4f895a4f3f325d6853793b43cd0c7fcda1b0a
0229c9488d602ad6ab664fab5f0845184531f0bc3cee40acf90258db9dd76b4f
05082fbd758bfa4370df85f036a4d1bfb20dcc12dcf1bbdc672dd4c7228fe679
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
26854e541566fb3e18e3504dce82d8163883080664c142ddc15a7cb5a4cf3217
27a574836b94967fbae80535e2cbe54e28788e2b7ff96a0d0f3b5817b1437980
299ddb1a669d6ad2e8ea681d7f698e008e72fc178620af3ca726768a28d67a0d
393c0f1424adb529f6b939220ecd0f302f6d9a5aa73a1875d7b947ff8ebf3f54
3aba5600cd1e37374891947ca9cb470bcedf7d37f6e5ba9c5bdd894e72725973
416faf21e718beda3d0b0bac5314e4921cf0355cb362270ca3c9393df0887cde
41943a578edb0e3df31fe4659c25bf32c795ea2c0f3042274c7b42687dd9ebb0
45dff207f0f3e47e2ee84320c14f3de7439a529e3104b350e0062ce868c087bb
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
5ce156f7783b1591f624893e98fbafe8728315f74ed2b54c7244716acf512b16
61a65eadebb55dccca7d9ad79406804198172f3cb5182565af500b58c3952c6c
64a5b0da9850296d3cbf173bb49b3104b6428024bb1ae1449ba9df054350a8cb
6cc1261c92957280e0a27302748ae23b13775a1e2bdc9791ed1657414eb0557b
6d0773fde2d63ba2eaffc7c5be937ff82189a14aa7baa7e832ef4ff5b8d38637
714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4
766d0bd3400372c9e977f193f4936440b3912d2e51c4fff57fa0d02984643e17
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7eb19f86c6d5d6ec3a08289ba115cc4493a9c9528c0f16bed609aa3c7ea5fa5b
7f3518a48eba820deae4b64b7f5fe8bab4a96fc5078cc56ad252afe6ab2aace1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90dd1e24ab134d0ef5604a8592164d8a3322deb77b75724f7d78296a5ed7b4af
927fb13475ffc4bdf6c5aad01c1c70f49891e55b63ad99d987e292012ce2816a
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
97beecad3fbb39423459f74b5f6f85798cd142a5d00e533f34d27dae512183c2
97ef0f2ce59af2dc5a902a2efdaafc7f15701878d0a7b2241de77a976c353765
a7ba283769505f4b97ce3333615d4f514e50de86104e66ccc0fbdc81c422becb
a82d23dc2942db7a397cde1d5ff0ce30f5700f26adfa5d3981297f365ada512a
ac1faf000a6c8ed0ddf6ed83bb18c16dc16911f3c3acb9e9a64ce265c548fc2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2f351631f19a94a51c59c1d56abf5f8c29e4254bb15c2cb31d9c406cde48b11
c3480739214025a02f702580948251947ed2a10388c83c698373b5395d835d2d
c899fadc25d7ef794cdcbdc6031ddddda962dbc779311f7c2b4a87271885c7cb
cb1527bd6809652a65e55d22cc7322589745e4c6893ec6d3d5006542ae983361
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d42f042ed608b6961fa3d30ecbf836e83c9f107e6aebe828e7fb8cafaa98b16e
d9792f3f86bc5b02b5931675a9d199f809476ac8b10b10643e501e7967a10d1a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0b3986170bceab376ad115384ae3be389165a9fdd1e38b953f4d87fe4a0e514
e0b724bf7880450fd0da800b19078c8a6784dea31fdf624a5c2d7a0986e5614e
e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8f522bde0a7f0729185f2924a4e27a776822263821539711df1b04345acd457
eb0fbc6d02f9130daa7ccfbc21c80ef2fe688d985067d0371ca4de18734d6b71
eb91e3ecbbd7c6226fd0a0008d65128c024cc78cde8f673bde043c065b67d0b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00f46bfb4110ac4cdc54cbb71cd552260e4e2c1af26aa91cac0a2cff2a0f30c
fb487c69339a5d6d34f655fc94ec639ecdb2f80f434988a09a801de272db6a35
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ff4ddfff5351fd88626a6d0721e33294ec859c0840725ad6ffc8843b0be3aaf2

account.efortuna.pl Open in urlscan Pro 2.16.186.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

56 %IPv6

26 Domains

35 Subdomains

31 IPs

9 Countries

2336 kBTransfer

7231 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

account.efortuna.pl Open in urlscan Pro
2.16.186.121 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

56 %
IPv6

26
Domains

35
Subdomains

31
IPs

9
Countries

2336 kB
Transfer

7231 kB
Size

25
Cookies

98 HTTP transactions
1 data transactions