Submitted URL: https://www.xn--sportwetten-geld-zurck-cmc.de/
Effective URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Submission: On June 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 14 domains to perform 31 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.tes-partner.de.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.
This is the only time www.tes-partner.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:238:20a:... 6724 (STRATO ST...)
1 34.249.200.254 16509 (AMAZON-02)
10 172.64.153.29 13335 (CLOUDFLAR...)
2 104.16.116.18 13335 (CLOUDFLAR...)
1 52.222.232.99 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 217.160.242.202 8560 (IONOS-AS ...)
4 18.66.112.13 16509 (AMAZON-02)
3 81.173.115.249 8560 (IONOS-AS ...)
1 142.250.185.194 15169 (GOOGLE)
1 217.160.192.223 8560 (IONOS-AS ...)
1 1 172.217.18.2 15169 (GOOGLE)
1 1 142.250.186.164 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
31 13
Apex Domain | Subdomains | Transfer
10 website-files.com | cdn.prod.website-files.com (Cisco Umbrella Rank: 9424) | 576 KB
4 webflow.com | uploads-ssl.webflow.com (Cisco Umbrella Rank: 15029) | 105 KB
3 ionoscloud.com | s3-eu-central-1.ionoscloud.com (Cisco Umbrella Rank: 990037) | 160 KB
3 jupus.de | app.jupus.de; chat.bot.jupus.de | 32 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 79) | 176 KB
2 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 265) | 41 KB
2 anwalt.de | widget.anwalt.de; www.anwalt.de (Failed) | 15 KB
1 google.de | www.google.de (Cisco Umbrella Rank: 8196) | 64 B
1 google.com | www.google.com (Cisco Umbrella Rank: 5) | 24 B
1 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 63) | 24 B
1 googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 135) | 2 KB
1 cloudfront.net | d3e54v103j8qbb.cloudfront.net | 30 KB
1 tes-partner.de | www.tes-partner.de | 14 KB
1 xn--sportwetten-geld-zurck-cmc.de | www.xn--sportwetten-geld-zurck-cmc.de | 152 B
31 14
Domain | Requested by
10 cdn.prod.website-files.com | www.tes-partner.de; cdn.prod.website-files.com
4 uploads-ssl.webflow.com | cdn.prod.website-files.com
3 s3-eu-central-1.ionoscloud.com | app.jupus.de; s3-eu-central-1.ionoscloud.com
2 app.jupus.de | www.tes-partner.de
2 www.googletagmanager.com | www.tes-partner.de; www.googletagmanager.com
2 cdnjs.cloudflare.com | www.tes-partner.de
2 widget.anwalt.de | www.tes-partner.de
1 www.google.de | www.tes-partner.de
1 www.google.com | 1 redirects
1 googleads.g.doubleclick.net | 1 redirects
1 chat.bot.jupus.de | s3-eu-central-1.ionoscloud.com
1 www.googleadservices.com | www.googletagmanager.com
1 d3e54v103j8qbb.cloudfront.net | www.tes-partner.de
1 www.tes-partner.de |
1 www.xn--sportwetten-geld-zurck-cmc.de | 1 redirects
0 www.anwalt.de (Failed) | www.tes-partner.de
31 16

This site contains links to these domains.

Domain
www.anwalt.de
Subject | Issuer | Validity | Valid
www.tes-partner.de | R11 | 2024-06-07 - 2024-09-05 | 3 months
prod.website-files.com | GTS CA 1P5 | 2024-04-26 - 2024-07-25 | 3 months
anwalt.de | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.google-analytics.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
app.jupus.de | E5 | 2024-06-13 - 2024-09-11 | 3 months
uploads-ssl.webflow.com | Amazon RSA 2048 M02 | 2023-07-29 - 2024-08-26 | a year
cmc.ionos.com | GeoTrust TLS RSA CA G1 | 2024-02-13 - 2024-08-14 | 6 months
*.googleadservices.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
chat.bot.jupus.de | R3 | 2024-05-06 - 2024-08-04 | 3 months

This page contains 1 frame:

Primary Page: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Frame ID: C73BEB407A3DBD838E72CD9B7A3C3336
Requests: 33 HTTP requests in this frame

Page Title

Rückforderung von Online-Sportwetten-Verlusten

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 31
HTTPS: 94 %
IPv6: 13 %
Domains: 14
Subdomains: 16
IPs: 13
Countries: 4
Transfer: 1154 kB
Size: 2289 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.xn--sportwetten-geld-zurck-cmc.de/ HTTP 301
    https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=1834352890.1718639072&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChEI8L2_swYQm8CroZz8uJDSARIdAMdRxzB56KzkhgbE1yLrjuZTvzF14xg048xIfKQ&pscrd=IhMIhavAu_3ihgMVBfI7Ah2eAQp7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=1834352890.1718639072&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIhavAu_3ihgMVBfI7Ah2eAQp7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooLQLl4WJqt1iI1f8Mq32WNRNHyAy9PCQ&eitems=ChEI8L2_swYQm8CroZz8uJDSARIdAMdRxzB8eN8loRI_ujn0TQfQ5Yd2HkwiosL7-RU&random=202548680 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=1834352890.1718639072&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIhavAu_3ihgMVBfI7Ah2eAQp7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooLQLl4WJqt1iI1f8Mq32WNRNHyAy9PCQ&eitems=ChEI8L2_swYQm8CroZz8uJDSARIdAMdRxzB8eN8loRI_ujn0TQfQ5Yd2HkwiosL7-RU&random=202548680&ipr=y

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ruckforderung-von-online-sportwetten-verlusten
www.tes-partner.de/landingpages/
Redirect Chain
  • https://www.xn--sportwetten-geld-zurck-cmc.de/
  • https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
57 KB
14 KB
Document
General
Full URL
https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1ebcae79cd7be03a921b85a8ba11ed9fa8d0cad188c1fdb8532d0f6c549f91a6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1177209
content-encoding
gzip
content-length
13840
content-type
text/html
date
Mon, 17 Jun 2024 15:44:30 GMT
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
HIT, HIT
x-cache-hits
7, 1
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
31f5a9c7-70b2-48c8-8dd3-0af95b0097cb
x-served-by
cache-iad-kiad7000075-IAD, cache-dub4334-DUB
x-timer
S1718639071.830635,VS0,VE1

Redirect headers

content-length
294
content-type
text/html; charset=iso-8859-1
date
Mon, 17 Jun 2024 15:44:30 GMT
location
https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
server
Apache/2.4.59 (Unix)
tes-partner.webflow.548bb6149.css
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d569153c21ee3da82df8dd6faea169f659d3687a9ed0dfa428339d43d0467de7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
content-encoding
gzip
x-amz-version-id
m2sY9WXGrw5eQERQoO3KeQEsK4wUeJG_
cf-cache-status
HIT
x-amz-request-id
DG8HWVN39HQ0SNVG
age
62731
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
20287
x-amz-id-2
lFHrnm56tU1UKuRJKpMv2vozGzyphlWhRCCfBWvdXLJIX/RWieU2baqVmusK5KvtiP8H6GvYJ5g=
last-modified
Mon, 03 Jun 2024 18:06:56 GMT
server
cloudflare
etag
"7eefb9c33d9165b859c159a948759e83"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
895429523e532bb2-FRA
expires
Tue, 18 Jun 2024 15:14:31 GMT
664de85d10ce32129e2627f8_sportwetten-p-800.webp
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
87 KB
88 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/664de85d10ce32129e2627f8_sportwetten-p-800.webp
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7afe54babcd1834c4fb9410734637b200ebefd139c26a2d44c0bb37db25690

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
x-amz-version-id
yevXjxWYmy.Gx_Y.pC3p24nUZ3m5fW8G
cf-cache-status
HIT
x-amz-request-id
EJNVH0P24T8123QS
age
429631
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
89232
x-amz-id-2
/KpvCtZg5PjjYPAVJLG8llEtjPCSTVaWYEHcDzAj6e8r4UAY/SOWoHF/Oev/dqJiLEZE8+HFZzk=
last-modified
Wed, 22 May 2024 12:43:13 GMT
server
cloudflare
etag
"f89dd74d42535f5e933185e7d31854e4"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
895429522e4c2bb2-FRA
expires
Tue, 17 Jun 2025 15:44:31 GMT
65f854c821bff59db27cd2c6_Anwaltsbereich-p-800.webp
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
30 KB
30 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65f854c821bff59db27cd2c6_Anwaltsbereich-p-800.webp
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919bd13edb1d5f4f450a621d9755268819d58a77b3c3bffa6c41114ef671fbbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
x-amz-version-id
lh43IbL4PXeshqd_oVw9gkthUg0Gn3ds
cf-cache-status
HIT
x-amz-request-id
RM0ZBYD78HFZS40V
age
114694
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
30576
x-amz-id-2
FjRds7AvXKD+1/+XMOHa05ADcI234gD4CEXc3WRJI31mRHnqxuewmz9dtN3bJMuDowqhsTiyof8=
last-modified
Mon, 18 Mar 2024 14:50:50 GMT
server
cloudflare
etag
"63eddb6c838b8fa41bb9ea0a29484c9c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
895429523e572bb2-FRA
expires
Tue, 17 Jun 2025 15:44:31 GMT
get.js
widget.anwalt.de/anzeigen-von-google-sternen/107/id/234740/
37 KB
8 KB
Script
General
Full URL
https://widget.anwalt.de/anzeigen-von-google-sternen/107/id/234740/get.js?v=2
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.116.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cba5bd52de56819b3c0c599b6aa3e62ae3e6fa944d1149d3c05692f82b26541
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:32 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 17 Jun 2024 15:44:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
89542954b9446919-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=653284ded15c4bf1199cdb59
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:14:35 GMT
content-encoding
br
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
age
37797
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
HYP5eX6Vbe9MR_qBepuXZFe4N2bzS4W0lQgHn13OiREnOZNn8eR2Yw==
webflow.57d516747.js
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/js/
613 KB
171 KB
Script
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/js/webflow.57d516747.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf14310b5be14df30b01ce08e674f9efd05a13864cf8d08f5bf9f550c22fa7e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
content-encoding
gzip
x-amz-version-id
meMPI.3qMGnQft1YWCgxvlGeSQfHIck2
cf-cache-status
HIT
x-amz-request-id
0G9SJKCKFAN0JW3X
age
23066
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
174209
x-amz-id-2
AJ80UShmggGJWXeJvMjJGtIiQ7/NPP0xfsyWuFUwUe46F0KzAhQQ0V067N89lNMyRvKpEEBbNO4=
last-modified
Mon, 03 Jun 2024 17:44:05 GMT
server
cloudflare
etag
"81bf0b07eab3f94e5fe47524f221a98b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
89542954287b2bb2-FRA
expires
Tue, 18 Jun 2024 15:14:31 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/
70 KB
25 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
516876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tp8pe56MKAVZpYowIqIj6Z9NfnrK4E%2BTsiydUXMGXK24k4%2FCpQqg8eOSAfiQwINcXufrF2%2FM53NT8njoAFx179%2FrYNE7gPms08SrqNSfG2uWIYr1NHT%2Bg81rTLVQXd%2BcJum6Umv7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89542954bd5b694f-FRA
expires
Sat, 07 Jun 2025 15:44:31 GMT
ScrollTrigger.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/
42 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ScrollTrigger.min.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f6c13748b0c8d8f9eabd0373a130ac293b3f16bf34aaa946d953980372b932
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
340645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15693
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-3d4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NT1JJtHAKjI3%2F9jofPkHGgWOpVxmw9XBIpYIGarTPsbr2mUpFJFjEVKoUgNiSsM21XioTdwL5j7fhtJsUsN8yFHZS3yznbZYAjPOE5HnY1PvMH0T%2F0nKh4OoNURqe8wSuIIsy7zj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89542954bd59694f-FRA
expires
Sat, 07 Jun 2025 15:44:31 GMT
gtm.js
www.googletagmanager.com/
241 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKJ832SB
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
390df940048d22cf8b6ab46aea7bd05cff74e33575ea8306a5964429ab7a8ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87976
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jun 2024 15:44:31 GMT
0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
app.jupus.de/chat/embed/
21 KB
22 KB
Script
General
Full URL
https://app.jupus.de/chat/embed/0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.160.242.202 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
ff7a00ce084aad750b04d3fcd804f92c8332feafad0c1e6d2c6b4de3e007d9d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
server
Caddy, gunicorn
cross-origin-opener-policy
same-origin
vary
Cookie
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
alt-svc
h3=":443"; ma=2592000
content-length
21799
expires
Mon, 17 Jun 2024 15:44:31 GMT
get.js
widget.anwalt.de/anzeigen-von-google-sternen/107/id/234740/
37 KB
8 KB
Script
General
Full URL
https://widget.anwalt.de/anzeigen-von-google-sternen/107/id/234740/get.js?v=2
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.116.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cba5bd52de56819b3c0c599b6aa3e62ae3e6fa944d1149d3c05692f82b26541
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:32 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 17 Jun 2024 15:44:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
89542958eda76919-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
65bcd40622f3f674d4bf2294_Frankfurt_standort.jpg
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
105 KB
105 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65bcd40622f3f674d4bf2294_Frankfurt_standort.jpg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e31cfbd7bce0f0345bf28cbb19804c0bb36cb6c83a40f33b4b78073ae4e456

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
x-amz-version-id
W46DYKZ9.K_q9o5T1e4Cv9XWyGidPT4X
cf-cache-status
HIT
x-amz-request-id
SEBFGV1HZGCX3PWW
age
1202441
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
107135
x-amz-id-2
yIEnvpkE5bgBoSP0cPAaf8ZDLqoDrlW/M+30rZg1is8iS8lkvA9sFQ70nEDYlaxTXopbiL6ATPc=
cf-bgj
h2pri
last-modified
Fri, 02 Feb 2024 11:37:43 GMT
server
cloudflare
etag
"b312dbe71932574c74a1f25cb7304be9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8954295468b52bb2-FRA
expires
Tue, 17 Jun 2025 15:44:31 GMT
65bcd40648baf02527af4afd_BadSoden_standort.jpg
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
130 KB
130 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65bcd40648baf02527af4afd_BadSoden_standort.jpg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34965fc51e439cb0247d875d1be7f6405c775c54323d58f3f87c9f129e477b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
x-amz-version-id
DkgYLEcqK4yktU7FJszJMmCWMRblgyGL
cf-cache-status
HIT
x-amz-request-id
9W4GTJ81G0DMRHDC
age
442144
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
133033
x-amz-id-2
B7Uru3N9myZlHJP3NDAykw3XqKQKrhfVtJpK13CN9U3Kb9Dfqh1d4u4XQRmqYsO2qXxR31mVgLg=
cf-bgj
h2pri
last-modified
Fri, 02 Feb 2024 11:37:43 GMT
server
cloudflare
etag
"c2aaf0579ed5f3aa25f18de35b6829bc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8954295468b72bb2-FRA
expires
Tue, 17 Jun 2025 15:44:31 GMT
6532da2c0668196c73ef48ad_Satoshi-Medium.woff2
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
25 KB
26 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/6532da2c0668196c73ef48ad_Satoshi-Medium.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 03:14:38 GMT
x-amz-version-id
8y4moZ4ENzEcRKHn1zn7qhvNucKGD.rN
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
age
4624194
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25596
last-modified
Fri, 20 Oct 2023 19:51:09 GMT
server
AmazonS3
etag
"cd790237ed63c56b30aa8fb9d99a7563"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
S6IUNe_HGFy4C64OvDxODMSTgROpSm7i4NmPapwWNRXnlRUo43727Q==
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
6532da2cb8b841ba0baa35f3_Satoshi-Bold.woff2
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
25 KB
25 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/6532da2cb8b841ba0baa35f3_Satoshi-Bold.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
353a7fbfb4475f0c31470a7449226006cb64211c71055ca9db860a8acdaa9f68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 03:14:38 GMT
x-amz-version-id
6D3ise9uTsVdadelgIXy__N_SBhLOFEL
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
age
4624194
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25328
last-modified
Fri, 20 Oct 2023 19:51:09 GMT
server
AmazonS3
etag
"d4db658f4dd63bc2d0d84f325a341e29"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
FOGsTM-WZeB30CN078Ri0cWIsMZcmKhK2ZAJcJeafRblNiqgPWsntw==
65415cd504d25f4e83e578db_Gambetta-SemiboldItalic.ttf
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
69 KB
29 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/65415cd504d25f4e83e578db_Gambetta-SemiboldItalic.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05e5c6e5a8ffef889578221e4cfa1e766645416c0e34943b1db1d4082cb86f86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 07:23:03 GMT
x-amz-version-id
xgjHiBooPSpOn_zKeoLX4hkenvGg1HkG
content-encoding
br
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
age
5127689
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 31 Oct 2023 20:00:23 GMT
server
AmazonS3
etag
W/"ed80a982a8fb986bb9df6a6274e9d67f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
YjG4NxAPHfEe72JZ42hsf1-TrruHe-ek0zvCyuwWw-gK0FVm8IczFg==
6532da2c81db66ea7318142b_Satoshi-Regular.woff2
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
25 KB
25 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/6532da2c81db66ea7318142b_Satoshi-Regular.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.548bb6149.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50dca57f0b77918e0fb7dac998c3f5ef6b0c2a29657da97658a04f98ac532fc5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 03:14:38 GMT
x-amz-version-id
mlX2qUpm4ZVcWeJRZAo8vLzKg9.r0BG2
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
age
4624194
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25516
last-modified
Fri, 20 Oct 2023 19:51:09 GMT
server
AmazonS3
etag
"71a6023c087c936859024eb16ec7a519"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
L8YxNemyxyG9S2ErHBguqVDYw5oW7HNKByssXrsG_ucsc_1duSeLiA==
65fc467e6a3ffc14e095f304_logo-dark.png
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
28 KB
29 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65fc467e6a3ffc14e095f304_logo-dark.png
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c4e4fb3a83b60cb236ec850902f77cc5b2bebe4134045f922b1bec5faa69e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
x-amz-version-id
9D6vtXXC0rOMsoeE1Pz_Oq0RbeAmMiKi
cf-cache-status
HIT
x-amz-request-id
SEB83B65KDXW9X42
age
1202441
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
28845
x-amz-id-2
G8VWCiFsrBUB1oV3mqZi8PJqge5Z7fgcalk99lS/ISqChrJt8YyCb69EcnE0oINmeMU38y1bWVE=
last-modified
Thu, 21 Mar 2024 14:38:55 GMT
server
cloudflare
etag
"2dfa68aec14e00db2777fd56ef01bc9e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8954295539d22bb2-FRA
expires
Tue, 17 Jun 2025 15:44:31 GMT
664dc649e479664fe6f7369c_checkmark.webp
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
286 B
694 B
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/664dc649e479664fe6f7369c_checkmark.webp
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8266f44fbd7df75879580475d88ecd8506d728223cffa77db2a5fb66f596afa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:31 GMT
x-amz-version-id
GLve1aXNf0VlqT2opDLEY895wVNhmO7Q
cf-cache-status
HIT
x-amz-request-id
PBD8NXK9EHZ0D27Y
age
6002
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
286
x-amz-id-2
Sn1j2ic/soFhZHUEGLVUtjrBX+Q6sdBVHposlYWIXpI+029uQdR9bp5sK58sA988v4hp0tFphLM=
last-modified
Wed, 22 May 2024 10:20:09 GMT
server
cloudflare
etag
"2bd716769e316da1f1fd0d74425aca91"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
8954295549e92bb2-FRA
expires
Tue, 18 Jun 2024 15:14:31 GMT
botario.js
s3-eu-central-1.ionoscloud.com/jupus/botario/custom/
155 KB
156 KB
Script
General
Full URL
https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.js
Requested by
Host: app.jupus.de
URL: https://app.jupus.de/chat/embed/0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.173.115.249 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip81-173-115-249.pbiaas.com
Software
CloudianS3 /
Resource Hash
dfa531062ebdcb1c9d8b6a46bb8114f7a4ed2606d9141501813237dbc686f3d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 15:39:25 GMT
server
CloudianS3
x-amz-request-id
0f7e0605-a199-1802-81c5-3cecef38aab0
etag
"64a477b94cb7858ef60bc6155dbaad8f"
content-type
application/javascript
accept-ranges
bytes
content-length
158928
destination
www.googletagmanager.com/gtag/
259 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11468688615&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKJ832SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dfcf1683a6a98bcba724a772994798b159337fa43015966b382c8f064b9c707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92003
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 15:23:37 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Jun 2024 15:44:32 GMT
65412ed26b34d95e86908510_Animation%20-%201698770607305.json
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
5 KB
1 KB
XHR
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65412ed26b34d95e86908510_Animation%20-%201698770607305.json
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/js/webflow.57d516747.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b4eb4da43752117f5e6afbb54b25c7e0a6e8db87ba7d9b39fedd8059262832

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:32 GMT
x-amz-version-id
aJWRMG2017x9qb4fqbYlYYZO2EnW9Tuq
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
8SEB8NF35NAC564D
age
23066
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3QmFOsaF4BQ1kRnW5eQ5OPekOfok/bTmI4luMKoKjTJJ9Ere8qyPhgfYxaJTU+sxvoR61MzBiFA=
last-modified
Tue, 31 Oct 2023 16:44:04 GMT
server
cloudflare
etag
W/"3fc7189333fcfd840af3d8482c03a97e"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8954295a7d39bc03-FRA
expires
Tue, 17 Jun 2025 15:44:32 GMT
/
www.anwalt.de/
0
0

truncated
/
223 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
504b9eb288e20b561177ec9d98fa0fec343d7ca371bdaef2ab8e2c4fe42f7aed

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.googleadservices.com/pagead/conversion/11468688615/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11468688615/?random=1718639072630&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1834352890.1718639072&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11468688615&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b527349b514820c5acd411406b2c7b357ed21ce559f5ee00c53b4a32f33d93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 15:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1749
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
botario.plugin.upload.js
chat.bot.jupus.de/
8 KB
8 KB
Script
General
Full URL
https://chat.bot.jupus.de/botario.plugin.upload.js
Requested by
Host: s3-eu-central-1.ionoscloud.com
URL: https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.160.192.223 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
0bf74fd765c1ed05bb78d698ab169d38a7ad6a6e9e576ae1cc315dafecec8dd4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:33 GMT
last-modified
Sat, 01 Apr 2023 11:28:16 GMT
server
nginx
accept-ranges
bytes
etag
"64281550-214a"
content-length
8522
content-type
application/javascript
botario.css
s3-eu-central-1.ionoscloud.com/jupus/botario/custom/
2 KB
3 KB
Stylesheet
General
Full URL
https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.css
Requested by
Host: app.jupus.de
URL: https://app.jupus.de/chat/embed/0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.173.115.249 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip81-173-115-249.pbiaas.com
Software
CloudianS3 /
Resource Hash
01409f757b3fd5b2a9ee82262d97408bcf271ccb39882d04e4e63726cdbb6240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 15:39:25 GMT
server
CloudianS3
x-amz-request-id
46ff4622-222b-1e95-867c-3cecef38e92e
etag
"44a090448845dcea9b63acbf01f9cab9"
content-type
text/css
accept-ranges
bytes
content-length
2507
/
www.google.de/pagead/1p-conversion/11468688615/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&...
  • https://www.google.com/pagead/1p-conversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cp...
  • https://www.google.de/pagead/1p-conversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=1834352890.1718639072&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIhavAu_3ihgMVBfI7Ah2eAQp7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooLQLl4WJqt1iI1f8Mq32WNRNHyAy9PCQ&eitems=ChEI8L2_swYQm8CroZz8uJDSARIdAMdRxzB8eN8loRI_ujn0TQfQ5Yd2HkwiosL7-RU&random=202548680&ipr=y
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.tes-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 15:44:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Jun 2024 15:44:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11468688615/?random=50506552&cv=11&fst=1718639072630&bg=ffffff&guid=ON&async=1&gtm=45be46c0v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=1834352890.1718639072&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIhavAu_3ihgMVBfI7Ah2eAQp7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooLQLl4WJqt1iI1f8Mq32WNRNHyAy9PCQ&eitems=ChEI8L2_swYQm8CroZz8uJDSARIdAMdRxzB8eN8loRI_ujn0TQfQ5Yd2HkwiosL7-RU&random=202548680&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
66223da596fa7a166a70a59c_favicon-32x32.png
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
1 KB
2 KB
Other
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/66223da596fa7a166a70a59c_favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329413d10037556cede01d16b3555aff3e5d6e01cc226183659382d74ad38f3c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:34 GMT
x-amz-version-id
8b3_4a5hmyqQcfV1e3mjhOyNc6Q3uSEC
cf-cache-status
HIT
x-amz-request-id
ZF7MMZAHQT0ZDP9S
age
442147
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1512
x-amz-id-2
u3sIlvbX3lc6Qn/b4L+tgiYc0LOjWdM2zK0so5W481iUjuYGV+aidlJ8HohH180YjtJ1LcU+2sdenQrwb2PpVt/T8LPR0Xzp
last-modified
Fri, 19 Apr 2024 09:47:18 GMT
server
cloudflare
etag
"add3e6fe1f23c58413f417769d95e535"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
895429669eea2bb2-FRA
expires
Tue, 17 Jun 2025 15:44:34 GMT
rest.fe228655.js
s3-eu-central-1.ionoscloud.com/jupus/botario/custom/
2 KB
2 KB
Script
General
Full URL
https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/rest.fe228655.js
Requested by
Host: s3-eu-central-1.ionoscloud.com
URL: https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.173.115.249 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip81-173-115-249.pbiaas.com
Software
CloudianS3 /
Resource Hash
e1c2c152cbcf13f6fb3d7c12862e5ee76910c0e8407642bd80852247bb20aecb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 15:39:27 GMT
server
CloudianS3
x-amz-request-id
46ff4662-222b-1e95-867c-3cecef38e92e
etag
"f45ec8fef1c552e25995d674b7e9ed7f"
content-type
application/javascript
accept-ranges
bytes
content-length
1827
logo.svg%3Ffill=%23ffffff
app.jupus.de/channels/ingress/chatbot/embed/
2 KB
2 KB
Image
General
Full URL
https://app.jupus.de/channels/ingress/chatbot/embed/logo.svg%3Ffill=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.160.242.202 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
de17b6fdb2cc614ffd5cc79cfecd84b6c916cdda1a7de5599ab1e2710ca2270a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 15:44:35 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
server
Caddy, gunicorn
cross-origin-opener-policy
same-origin
vary
Cookie
x-frame-options
DENY
content-type
image/svg+xml
alt-svc
h3=":443"; ma=2592000
content-length
1712

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.anwalt.de
URL
https://www.anwalt.de/

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| dataLayer string| JUPUS function| jp function| $ function| jQuery function| initialize function| bustCache function| loadScript function| loadStyle function| registerEventListener function| onJupusChatWindowOpenedListener function| onjupusChatMessageReceived function| trackConversion function| showButton function| hideButton function| toggleButton function| openFloatingChat function| closeFloatingChat function| toggleFloatingChat object| jupus object| google_tag_manager object| google_tag_data function| tram object| Webflow object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| Observer function| ScrollTrigger object| _gsap function| _scrollTop function| _scrollLeft object| GooglebQhCsO function| parcelRequire6f0e object| botario

2 Cookies

Domain/Path Name / Value
.tes-partner.de/ Name: _gcl_au
Value: 1.1.1834352890.1718639072
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
