20bet.life Open in urlscan Pro
2606:4700:20::681a:a66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1nw.novawhirl.online/lWnwe
Effective URL:
https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarg...
Submission: On August 19 via manual (August 19th 2023, 6:42:48 pm UTC) from GR — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 15 domains to perform 33 HTTP transactions. The main IP is 2606:4700:20::681a:a66, located in and belongs to . The main domain is 20bet.life.
TLS certificate: Issued by GTS CA 1P5 on July 25th 2023. Valid for: 3 months.

This is the only time 20bet.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:4780:b:7... 2a02:4780:b:739:0:2be4:9d0b:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1 2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
15	172.64.133.20 172.64.133.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.55.236.100 162.55.236.100	24940 (HETZNER-AS) (HETZNER-AS)
1 1	49.12.123.158 49.12.123.158	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2620:1ec:46::45 2620:1ec:46::45	() ()
1 1	3.126.81.211 3.126.81.211	() ()
1	2606:4700:20:... 2606:4700:20::681a:a66	() ()
33	7

1 2a02:4780:b:739:0:2be4:9d0b:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

1nw.novawhirl.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

waufooke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.64.133.20 (United States)

ASN13335 (CLOUDFLARENET, US)

psaugourtauy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.100 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.100.236.55.162.clients.your-server.de

track-eu.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.123.158 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.158.123.12.49.clients.your-server.de

plinksplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (None, ) 1 redirects

ASN- ()

promo.20bet.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.81.211 (None, ) 1 redirects

ASN- ()

20media.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a66 (None, )

ASN- ()

20bet.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	psaugourtauy.com psaugourtauy.com — Cisco Umbrella Rank: 58005	60 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9422	2 KB
2	waufooke.com 1 redirects waufooke.com — Cisco Umbrella Rank: 208805	14 KB
1	20bet.life 20bet.life
1	20media.world 1 redirects 20media.world	741 B
1	20bet.partners 1 redirects promo.20bet.partners	974 B
1	plinksplanet.com 1 redirects plinksplanet.com — Cisco Umbrella Rank: 352245	489 B
1	trackingtraffo.com 1 redirects track-eu.trackingtraffo.com — Cisco Umbrella Rank: 459010	387 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 28662	464 B
1	novawhirl.online 1nw.novawhirl.online	1 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
0	onesignal.com Failed cdn.onesignal.com Failed
0	seon.io Failed cdn.seon.io Failed
0	a8r.games Failed casino.cur.a8r.games Failed
0	googleapis.com Failed fonts.googleapis.com Failed
33	15

	Domain	Requested by
15	psaugourtauy.com	psaugourtauy.com
4	my.rtmark.net	waufooke.com psaugourtauy.com
2	waufooke.com	1 redirects 1nw.novawhirl.online
1	20bet.life	psaugourtauy.com 20bet.life
1	20media.world	1 redirects
1	promo.20bet.partners	1 redirects
1	plinksplanet.com	1 redirects
1	track-eu.trackingtraffo.com	1 redirects
1	datatechone.com	waufooke.com
1	1nw.novawhirl.online
0	static.cloudflareinsights.com Failed	20bet.life
0	cdn.onesignal.com Failed	20bet.life
0	cdn.seon.io Failed	20bet.life
0	casino.cur.a8r.games Failed	20bet.life
0	fonts.googleapis.com Failed	20bet.life
33	15

This site contains no links.

Subject Issuer	Validity	Valid
1nw.novawhirl.online ZeroSSL RSA Domain Secure Site CA	`2023-08-08` - `2023-11-06`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
psaugourtauy.com E1	`2023-08-14` - `2023-11-12`	3 months	crt.sh
20bet.life GTS CA 1P5	`2023-07-25` - `2023-10-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&subid=ab401fna0g6vcsldbc
Frame ID: 4E04F1E13E44815A2C8196299D92B38C
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://1nw.novawhirl.online/lWnwe Page URL
http://waufooke.com/4/6101565 Page URL
http://waufooke.com/?z=6101565&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z... Page URL
https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z... Page URL
https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6101565&var3=716836112198541445&oaid=cefaaa1dbd39... Page URL
https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=TlCdSXA3AzfSEzmnE46vwfMH5odoCTfkWZPjkDlvs753-oTzDfxinP... HTTP 302
https://plinksplanet.com/click.php?key=cng0o99uglso3g4nulcr&clickid=48db2724-e479-4a2a-8361-19e63111b... HTTP 302
https://promo.20bet.partners/redirect.aspx?pid=164506&bid=1971&lpid=424&utm_source=retarget&utm_medium=Ub... HTTP 307
https://20media.world/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E... HTTP 302
https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E... Page URL

Page Statistics

33
Requests

67 %
HTTPS

30 %
IPv6

15
Domains

15
Subdomains

7
IPs

3
Countries

77 kB
Transfer

232 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1nw.novawhirl.online/lWnwe Page URL
http://waufooke.com/4/6101565 Page URL
http://waufooke.com/?z=6101565&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6101565&var3=716836112198541445&oaid=cefaaa1dbd39efcaf57512cd17a9a1cd Page URL
https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=TlCdSXA3AzfSEzmnE46vwfMH5odoCTfkWZPjkDlvs753-oTzDfxinPxHEpfTNmgLGBCuT-nMHisy3ym7jlINPoht_B4McLTeJggIYRWyIkwt-tlZFH5iD2zcMJrTwrGmJDhv5YFYxJDtT_czqHSrQzKxv9D_U1ZZxLyeZvq9IgK83h13B8G-nydjAmgYrsxlhWeRUlzjR09A1c5JjbrIlwNqpZz9834iD-LeK3n_d4FGjZmFVhPRaNuZmh416U_BjvNwGTQ3XVrWE-8wglOP7jlYVfMTGbg1cKYuiYqhV9ghvo-ShQ-OfBE8Voz9l7ebXwzKsT9YQrmECucIvmJMJ3g6cQvkMf-23Lxp5Chkh3171dPmp22ncEmgVVSNxpTRROdh6S9Oqf6DVmeeje_PZKFJ0rM7AwiOH3IyC-yDVTk2ZdMjXvFreBfal7pTqTlTcV3fxHWSyBnsCdKOD3wfm2bVyvNqhyH9_M2U5kk_HYKQuO_BveQjsqxWefcAjaT2ruT5Dm8iyP0goH87j8Q5fKTCb11BZSEQnKpsFDDvo24oRozNLkGMoVMABYzL_mRVgvQdYfBMTTYNWe0I-1zCiHzLABuXjChS7FlvsFm71x2tPNfp1ZjxwuAlCglEzGHUGJbYm3Kr33QugGw3rcLnUrxytZsYP9gX8NKYugE0K-J8m_KuI-W1A-xYduV7QYlMHIIl7I9YPW8ePv-1rcoztg HTTP 302
https://plinksplanet.com/click.php?key=cng0o99uglso3g4nulcr&clickid=48db2724-e479-4a2a-8361-19e63111b377&cost=0.002&PUB_ID=185&SUB_ID=4662728&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2023-08-19&BID_PUB=0.002&CR_ID=3650&PUB_NAME=Propeller-POP HTTP 302
https://promo.20bet.partners/redirect.aspx?pid=164506&bid=1971&lpid=424&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&subid=ab401fna0g6vcsldbc HTTP 307
https://20media.world/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&subid=ab401fna0g6vcsldbc HTTP 302
https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&subid=ab401fna0g6vcsldbc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://waufooke.com/?z=6101565&syncedCookie=true&rhd=false HTTP 302
https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

33 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 lWnwe Show response
1nw.novawhirl.online/ 4 KB
1 KB 688ms
333ms Document
text/html 2a02:4780:b:739:0:2be4:9d0b:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://1nw.novawhirl.online/lWnwe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:739:0:2be4:9d0b:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

71d06ed70ed9c52b7570adce60aae887bd289123a0ee8c4141bcfcd2177e5256

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 949
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 18:42:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 6101565 Show response
waufooke.com/4/ 27 KB
13 KB 49ms
18ms Document
text/html 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waufooke.com/4/6101565
Requested by: Host: 1nw.novawhirl.online
URL: https://1nw.novawhirl.online/lWnwe
Protocol: HTTP/1.1
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 61fc7c261fa66a8193633e21c7aeac93b938e26110a27bb8c3121605df523f1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: * *
Access-Control-Max-Age: 86400
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf8
Date: Sat, 19 Aug 2023 18:42:45 GMT
Expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Pragma: no-cache no-cache
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked
X-Trace-Id: 1cd5d3a956a88746e024390313dea526

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 64ms
21ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=d506f1c9eb284e289a8f282055845720

Requested by

Host: waufooke.com
URL: http://waufooke.com/4/6101565

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://waufooke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
464 B 92ms
17ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: waufooke.com
URL: http://waufooke.com/4/6101565
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: http://waufooke.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 19 Aug 2023 18:42:45 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://waufooke.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
psaugourtauy.com/
Redirect Chain

http://waufooke.com/?z=6101565&syncedCookie=true&rhd=false
https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

39 KB
13 KB

133ms
89ms

Document
text/html

172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: be7101f99858a2e86f1787339c29a996a42aefe535b87b77ee5a60a8e690eb8a

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://waufooke.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f9489ccdcc01a86-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 18:42:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jioeK78CuYnmTio895WMCYA6VCd8GK27WWce9fj5gyPo5LPQYMGfdSPtfQEwCrS8pqst5MF0tE%2F1y42dMK3F%2FJ4slRtNZIT%2FgQCo7YPupoCorXsu%2BblfR4FVu2i%2FvpR9jI3M"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Accept-Ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: http://waufooke.com
Access-Control-Max-Age: 86400
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 19 Aug 2023 18:42:45 GMT
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Link: <https://psaugourtauy.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
Location: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: * *
X-Content-Type-Options: nosniff
X-Trace-Id: 17319ce61e62c8ba953147a08bc7a95f

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 19ms
19ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=cefaaa1dbd39efcaf57512cd17a9a1cd

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

18e13d00df0c6babe87602f4a305f41a6873e27b10250c844183c8be8430adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
10 KB 34ms
33ms Script
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8c320d7447ad9ee8f456bf7bbe408ef09edd6625a8a080dd3dbbeab3c0b896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 18:42:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 13:08:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64df6d68-6899"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKDcDsnwxnnWX%2FpbVGzJgXs7XSojYQUmKi4et9GIg8WdSFZOCWY7Jkod14M9s%2Bd8pY8zcorFJSdZJ64I2owMmwN%2BKTavlAFYgVbKzBAPXfjwGHx7N7%2F5VkXhC4WWtx2vD2CU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7f9489cd7dc81a86-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 26ms
26ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=6101565&var3=716836112198541445&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173d963e420670c80667fa66f8e65b3afb18ddca6f555c05db49fc3ddbc9d18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 6043683f23eeeb19738acb3e6519a8cc
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e65x34Bxq2dYotYSyly%2Fbp8v%2BocXVCkaWYFU08yhgwpE3GqqStwnpjcRcTRLlTaQ3rsonu6v1oVuBo3ANDNyDlpoOMP9h6qV7dLUXz5RUFbpRYnpOxDVIh%2B2%2Bf2vTWAKyqLr"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f9489cd8dce1a86-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
psaugourtauy.com/ 2 B
389 B 42ms
42ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.24
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFaDCoPX%2BAdTKzKe3%2FRvwP%2BYm2VCBYjyjeYpcElLQ8vjVfio1VAjkT0ed408lGUCnh%2Bxs8NGIKCtVDf48z8Q%2F9d7xau6J%2FiA7ekHBNv66zqzV4MHbjoFOcudtOGdvajbRKjm"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7f9489cd8dd41a86-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
950 B 36ms
35ms Other
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=6101565&ymid=716836112198541445&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIZ1hx9po3UUkZWO2VOG4IFAOSdvOVvROuUGBo380pmT%2Fju9RXSfSxL3Auc3MklAa7XrviSRzuH4WKyNHKDv0HetKzVeHV%2FbzR6JmnGwPN8qE9W%2FxY6dfDDjNHS%2B2qpiwNt%2F"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7f9489cdccbd2bf5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
516 B 28ms
28ms Ping
text/plain 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6101565&ymid=716836112198541445&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: 60fb164a8377d020636961591a35a3a3
date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlJLIjCSCfkjnVqEzp8olTCaxwN5gT2%2B6pQiMNlJGuehmD3tcM%2FpCbttAtHWrhzclCDx3NV7q1B%2F4Wox7FxEf0BRO7uskTYchwLnAuRYAdB2jx7Y0OiREHFYQPKb6OPTe5sQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7f9489cdccbe2bf5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js
my.rtmark.net/ 65 B
543 B 14ms
14ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=716836112198541445&var=6101565

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
psaugourtauy.com/ 905 B
1 KB 32ms
32ms Fetch
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6101565&ymid=716836112198541445&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 4e6019a3e278dac2d556cf1a35f02608
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVWfsJgr%2BBKbo%2FR6K7tZU%2BXNgi5s8ymNmf8QGh%2F1XG95JLHD1peZCZf6xy%2BXD2kgZkpUp4EeFsAsozlh42HSV4SYNX8%2BuHo%2FPLmgAcXuMJjZb7qlYVahgAo3K6guW80zNsJJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f9489cddcde2bf5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 / Show response
psaugourtauy.com/ 39 KB
13 KB 76ms
75ms Document
text/html 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 3824301454da5aa9a1c7923393a38e70212863ef53ff6581dfe844877ba6a6dc

Request headers

Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f9489cdfd1b2bf5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 18:42:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgmzocjncnzLFAxU3XxthV0YpunKtim7vzS8WPlp968SbsLMjcfhvyFhcltB%2FmUdQctgwCUHKbNAED3gZ1jqKzeOByKe2HSSnolxTCXtCEID0%2F53patxyIekwtNubzg63Xtn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.24

GET
H3 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
11 KB 40ms
40ms Script
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8c320d7447ad9ee8f456bf7bbe408ef09edd6625a8a080dd3dbbeab3c0b896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 18:42:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 13:08:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64df6d68-6899"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfWXP2dQTJD3b59Ho8SIxDECfO6yMluDGwjix%2Fl9qfUI6iyEMiGo7bjeUSsCJijCWTD6Xi4gxC8a3j%2BsjjQUhagYIlQtkNIU8GFNycMB7%2FzUcQ2u%2BwYUinfn2dtBWoAULiuI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7f9489ce8dfc2bf5-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 34ms
34ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=6101565&var3=716836112198541445&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911481153ed2c3661af06ac92198b2f423a93d93492352db29c0f6b6cd585a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: fbc71c46f1ea52eb9ee0f8bf7d877001
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FJ3nR8VZaK83OGEKf4bbb3%2FFvnJiivm4bcZW6wxl0kMKmNc4NZNGE8Wvsk5gNPneKFVItHFrjBNg8il6OgMdictt48QHeQDRoqfLfyq2qeEAtnZ%2F%2BYXHcNQQUJc3PaMz2dX"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7f9489ce9e082bf5-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
psaugourtauy.com/ 2 B
525 B 41ms
41ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4a7bJlvLv%2FIUysf%2FjgmDJJFNZrr8uiBknNvDc28lYqQAUS15BAEeOq%2BihARG0TItHMKa409Q7oG0zkAbPKIILFDoAlzWjYm6tEzvENPKFxWZmzXl9xWnmG02p2BNdWNImdJ7"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7f9489ce9e142bf5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
947 B 35ms
34ms Other
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=6101565&ymid=716836112198541445&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wict%2F716gS6VB6ZMKcfbMgFgHTsfnOSMfIluxueRx9dGD2vmIivCN%2BAoRCDbXxZS13rfmxH7RYtgwrSSQFQnJ6ACmpGUSq7xAG%2BKnjhu%2BUX5sgy6Md1aajRFMEhuSWVO8Ivl"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7f9489cece562bf5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
484 B 23ms
23ms Ping
text/plain 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6101565&ymid=716836112198541445&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: 85ae3634acd36a251d9a8636e4ce652d
date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbBOphT7LZM96aPvBlz%2BXjXGEP2sm3GVkGlEqwm0etcMPuw3umCMWZUmFH%2Bms9KcL8aAH9EV3oYRkAD%2BNfDLT%2Bm6D6kRsFAqcX%2FPvc1ti7zGtan9gXH8fgyHt3VKPui%2Bo8bg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7f9489cece552bf5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 15ms
14ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=716836112198541445&var=6101565

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

18e13d00df0c6babe87602f4a305f41a6873e27b10250c844183c8be8430adaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
psaugourtauy.com/ 905 B
1 KB 31ms
31ms Fetch
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6101565&ymid=716836112198541445&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=716836112198541445&var=6101565&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4022c0bd73469269208636f6a2b97294637040f04e9481238b40e9127407a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:42:46 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 8ab8c60fd0713e4075ef60e24a59cde9
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCXwtr1EibZpZu66KoeM04kNlxEwgFOO5dvcFMT42cc%2BoKmjGrPKg0WcnRA3NNRj4rzks%2BUFpc%2B%2FOIJRgRnSYhyoa3vBrG40b2fUV7%2FCDpe2z%2F4t7TQbW6AaUBiySPQ1JuiO"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f9489cede5e2bf5-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 /
psaugourtauy.com/submenu/4662728/ 3 KB
2 KB 44ms
43ms Document
text/html 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6101565&var3=716836112198541445&oaid=cefaaa1dbd39efcaf57512cd17a9a1cd

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=716836112198541445&ssk=f548036ef4c666b2246a7de5def32a0e&svar=1692470565&z=6101565&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f9489d21b5c2bf5-FRA
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 19 Aug 2023 18:42:46 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://track-eu.trackingtraffo.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Rl4dzq2MKilq3nlASFScGm%2F6rkOZgT2dnElgKvDfoH3h3aP0uT8NfRo3N3gvu9%2F63wwG4wYBjSkh3%2Bb9kAyLG8PjmOD8XjRv4rl%2B2bOtK%2FTql0dzCAFMvn6v%2BcrKp0BMV8k"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace-id: f04d8ff5d7976273e9763a69cd6e74e1

GET
H2

200

Primary Request first-deposit-sport
20bet.life/de/promotions/
Redirect Chain

https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=TlCdSXA3AzfSEzmnE46vwfMH5odoCTfkWZPjkDlvs753-oTzDfxinPxHEpfTNmgLGBCuT-nMHisy3ym7jlINPoht_B4McLTeJggIYRWyIkwt-tlZFH5iD2zcMJrTwrGmJDhv5YFYxJD...
https://plinksplanet.com/click.php?key=cng0o99uglso3g4nulcr&clickid=48db2724-e479-4a2a-8361-19e63111b377&cost=0.002&PUB_ID=185&SUB_ID=4662728&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2023-08-19&BI...
https://promo.20bet.partners/redirect.aspx?pid=164506&bid=1971&lpid=424&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-Not...
https://20media.world/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&ut...
https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_t...

60 KB
0

503ms
464ms

Document
text/html

2606:4700:20::681a:a66

General

Check archive.org

Show headers Download Go to

Full URL: https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&subid=ab401fna0g6vcsldbc
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/submenu/4662728/?rhd=1&var=6101565&var3=716836112198541445&oaid=cefaaa1dbd39efcaf57512cd17a9a1cd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a66 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://psaugourtauy.com/partitial/3735488/?var=4662728&ab2r=0&prfrev=false&rhd=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7f9489d73e1e1c2e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 18:42:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8Z0C2%2Fvb9kukCmVmhgpuHrTeJKKkvgRAIyQSLOy0qBkSA7nAKfMbuy8qnjTFcx8mOByO5S%2FBozlgxmg0A4K3YlIpkkuMsbNdGtKdVkb9zHyDeICSXbZY8CaiNu5Urxd8uK47S5uJcs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 19 Aug 2023 18:42:47 GMT
Location: https://20bet.life/de/promotions/first-deposit-sport?btag=655020_E3FC21E0320049DFB8096105FFAB7E91&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&utm_term=Ubidex-20bet-DE-AT-NotReg-pop-FTDSport-424&subid=ab401fna0g6vcsldbc
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET css
fonts.googleapis.com/ 0
0

GET styles.bab33073289d0de5.css
20bet.life/app/ 0
0

GET sg.js
casino.cur.a8r.games/public/ 0
0

GET agent.js
cdn.seon.io/js/v4/ 0
0

GET configuration.js
20bet.life/ 0
0

GET OneSignalSDK.js
cdn.onesignal.com/sdks/ 0
0

GET mainLoaderDark.gif
20bet.life/custom-assets/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET app-692ed3cf06.js
20bet.life/static/js/ 0
0

GET v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic

Domain: 20bet.life
URL: https://20bet.life/app/styles.bab33073289d0de5.css

Domain: casino.cur.a8r.games
URL: https://casino.cur.a8r.games/public/sg.js

Domain: cdn.seon.io
URL: https://cdn.seon.io/js/v4/agent.js

Domain: 20bet.life
URL: https://20bet.life/configuration.js

Domain: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Domain: 20bet.life
URL: https://20bet.life/custom-assets/mainLoaderDark.gif

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&subset=cyrillic-ext

Domain: 20bet.life
URL: https://20bet.life/static/js/app-692ed3cf06.js

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1nw.novawhirl.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1b63ec24ace7aa761190f1eb00f9fd8e
1nw.novawhirl.online/	1970-01-20 14:07:51	Name: short_97105 Value: 1
waufooke.com/	1970-01-20 22:53:26	Name: OAID Value: d506f1c9eb284e289a8f282055845720
waufooke.com/	1970-01-20 22:53:26	Name: oaidts Value: 1692470565
my.rtmark.net/	1970-01-20 22:53:26	Name: ID Value: d506f1c9eb284e289a8f282055845720
waufooke.com/	1970-01-20 14:17:55	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 14:17:55	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 22:53:26	Name: OAID Value: cefaaa1dbd39efcaf57512cd17a9a1cd
psaugourtauy.com/	1970-01-20 14:07:54	Name: reverse Value: tMaOZjH4R4uv6vUVrpY8RrDkTo0jmWfpcFmttJC2dJA
psaugourtauy.com/	1970-01-20 22:53:26	Name: oaidts Value: 1692470566
plinksplanet.com/	1970-01-20 14:09:16	Name: uclick Value: fna0g6vcsl
plinksplanet.com/	1970-01-20 14:09:16	Name: uclickhash Value: fna0g6vcsl-fna0g6vcsl-fvp2-0-j2du-hefvwj-irpmdz-4e2d69

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://waufooke.com/4/6101565(Line 26) Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1nw.novawhirl.online
20bet.life
20media.world
casino.cur.a8r.games
cdn.onesignal.com
cdn.seon.io
datatechone.com
fonts.googleapis.com
my.rtmark.net
plinksplanet.com
promo.20bet.partners
psaugourtauy.com
static.cloudflareinsights.com
track-eu.trackingtraffo.com
waufooke.com
20bet.life
casino.cur.a8r.games
cdn.onesignal.com
cdn.seon.io
fonts.googleapis.com
static.cloudflareinsights.com
139.45.195.253
139.45.195.8
139.45.197.238
162.55.236.100
172.64.133.20
2606:4700:20::681a:a66
2620:1ec:46::45
2a02:4780:b:739:0:2be4:9d0b:10
3.126.81.211
49.12.123.158
173d963e420670c80667fa66f8e65b3afb18ddca6f555c05db49fc3ddbc9d18d
18e13d00df0c6babe87602f4a305f41a6873e27b10250c844183c8be8430adaf
3824301454da5aa9a1c7923393a38e70212863ef53ff6581dfe844877ba6a6dc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
61fc7c261fa66a8193633e21c7aeac93b938e26110a27bb8c3121605df523f1d
71d06ed70ed9c52b7570adce60aae887bd289123a0ee8c4141bcfcd2177e5256
911481153ed2c3661af06ac92198b2f423a93d93492352db29c0f6b6cd585a3d
be7101f99858a2e86f1787339c29a996a42aefe535b87b77ee5a60a8e690eb8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb8c320d7447ad9ee8f456bf7bbe408ef09edd6625a8a080dd3dbbeab3c0b896
f4022c0bd73469269208636f6a2b97294637040f04e9481238b40e9127407a09

20bet.life Open in urlscan Pro 2606:4700:20::681a:a66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

33 Requests

67 %HTTPS

30 %IPv6

15 Domains

15 Subdomains

7 IPs

3 Countries

77 kBTransfer

232 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

12 Cookies

1 Console Messages

Security Headers

Indicators

20bet.life Open in urlscan Pro
2606:4700:20::681a:a66 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

67 %
HTTPS

30 %
IPv6

15
Domains

15
Subdomains

7
IPs

3
Countries

77 kB
Transfer

232 kB
Size

12
Cookies

33 HTTP transactions
2 data transactions