Submitted URL: http://www.onclickalgo.com/jump/next.php?r=5482643
Effective URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Submission: On May 15 via api from IE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 29 HTTP transactions. The main IP is 213.208.154.209, located in Vienna, Austria and belongs to NEXTLAYER-AS, AT. The main domain is welcome.tipico.de.
TLS certificate: Issued by R3 on May 3rd 2022. Valid for: 3 months.
This is the only time welcome.tipico.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 35.201.66.189 15169 (GOOGLE)
1 1 104.111.240.159 16625 (AKAMAI-AS)
10 213.208.154.209 1764 (NEXTLAYER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 104.92.81.61 16625 (AKAMAI-AS)
4 54.159.222.248 14618 (AMAZON-AES)
29 8
Apex Domain
Subdomains
Transfer
11 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1112
l.evidon.com — Cisco Umbrella Rank: 7912
45 KB
11 tipico.de
sports.tipico.de — Cisco Umbrella Rank: 237389
welcome.tipico.de
829 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
3 onclickalgo.com
www.onclickalgo.com — Cisco Umbrella Rank: 202159
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
143 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1364
37 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
440 B
29 7
Domain Requested by
10 welcome.tipico.de www.onclickalgo.com
welcome.tipico.de
7 c.evidon.com www.onclickalgo.com
c.evidon.com
4 l.evidon.com welcome.tipico.de
3 www.google-analytics.com welcome.tipico.de
www.google-analytics.com
3 www.onclickalgo.com 2 redirects
2 www.googletagmanager.com welcome.tipico.de
www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sports.tipico.de 1 redirects
29 9

This site contains links to these domains.

Domain
sports.tipico.de
account.tipico.com
account.tipico.de

Subject | Issuer | Validity | Valid
welcome.tipico.de | R3 | 2022-05-03 - 2022-08-01 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-25 - 2022-07-18 | 3 months
*.evidon.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-12 - 2023-04-12 | a year

This page contains 1 frames:

Primary Page: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Frame ID: D8B5905706DA6B3E8A8B521B0A728B76
Requests: 30 HTTP requests in this frame

Page Title

Wette ohne Risiko - welcome.tipico.de

Page URL History

  1. http://www.onclickalgo.com/jump/next.php?r=5482643 Page URL
  2. http://www.onclickalgo.com/jump/next.php?stamat=m%257C%252Ckt3M-dhNqB1dwP0dEdHP3xP.79c%252C2t5FkDDYpjxJ... HTTP 302
    http://www.onclickalgo.com/script/i.php?stamat=m%257C%252C%252Cg2drNif_oGU3Bk-GH0dEdHP3xP.a8c%252C85NwP... HTTP 302
    https://sports.tipico.de/v1/tpapi/ctfes/redirect?campaignId=j32k72mb&affiliateId=739319&target=https:... HTTP 302
    https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

97 %
HTTPS

38 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

1078 kB
Transfer

1923 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.onclickalgo.com/jump/next.php?r=5482643 Page URL
  2. http://www.onclickalgo.com/jump/next.php?stamat=m%257C%252Ckt3M-dhNqB1dwP0dEdHP3xP.79c%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAUQkmSxUQU_HiGT8H-tYKXM&cbpage=http://www.onclickalgo.com/jump/next.php?r=5482643&cbur=0.0721018266617055&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://www.onclickalgo.com/script/i.php?stamat=m%257C%252C%252Cg2drNif_oGU3Bk-GH0dEdHP3xP.a8c%252C85NwPVIGg-P0UYnoYUpkzkYwlYoytoujzhdw5Q_L1rR4RF5hL1RA1JDIbX47tu_uYQcSP1cIj_dIJh9uB0akUil6U4Q0VZruB8OVjLVyODlB2RHgMdCxsKgXHZETQwIv7Rtq4tEtl3IsJJ2XTWCCC0f95aG78mR1BgRjCPh2bfeJ8KrJK5X7E1VA9OB-A7muh1tajqvcdChDwH6zbF5-eGjhao1WcG-WOGSf9QXrhxT5OW5K-lWmZQRZH_KyBCj2g33zcaSLURWEcxxlBVQDDj_i37MeYkPOELBG6Af7IQc-nWOyTp8HGdm1RCjqv48bX_josliPdOnnyWVkSgxbjZGaDBXwThLJodEEOd72SOasz8-KAE0PaG_4w8sZR5VGqAaLgdAG_LzeC4PDKkKzxz8OJHC77VGGlucdMohFToWBfENOp3oPCw7iMxZJptYYrZ15CKi1idw2OldVx7LxYklq_TVBGbv3GNJmBsTts-n_90ABrUIpN8Rv2RUFg0_C6u8nnAyyVWsv5cqYC_XP8hrW_yQiCm8F4Cj7hzC0oHc%252C HTTP 302
    https://sports.tipico.de/v1/tpapi/ctfes/redirect?campaignId=j32k72mb&affiliateId=739319&target=https://welcome.tipico.de/riskfree10/ HTTP 302
    https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
next.php
www.onclickalgo.com/jump/
7 KB
3 KB
Document
General
Full URL
http://www.onclickalgo.com/jump/next.php?r=5482643
Protocol
HTTP/1.1
Server
35.201.66.189 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.66.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 15 May 2022 18:04:07 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google
Primary Request /
welcome.tipico.de/riskfree10/
Redirect Chain
  • http://www.onclickalgo.com/jump/next.php?stamat=m%257C%252Ckt3M-dhNqB1dwP0dEdHP3xP.79c%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAUQkmSxUQU_HiGT8H-tYKXM&cbpage=http://www.onclickalgo.com/jump/ne...
  • http://www.onclickalgo.com/script/i.php?stamat=m%257C%252C%252Cg2drNif_oGU3Bk-GH0dEdHP3xP.a8c%252C85NwPVIGg-P0UYnoYUpkzkYwlYoytoujzhdw5Q_L1rR4RF5hL1RA1JDIbX47tu_uYQcSP1cIj_dIJh9uB0akUil6U4Q0VZruB8O...
  • https://sports.tipico.de/v1/tpapi/ctfes/redirect?campaignId=j32k72mb&affiliateId=739319&target=https://welcome.tipico.de/riskfree10/
  • https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
37 KB
10 KB
Document
General
Full URL
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Requested by
Host: www.onclickalgo.com
URL: http://www.onclickalgo.com/jump/next.php?r=5482643
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
1a54990a58728d1c58bd6e364284049ee48154d63a8e650c5332f6944bb0bd6b

Request headers

Referer
http://www.onclickalgo.com/jump/next.php?r=5482643
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
396420
cache-control
max-age=600, public
content-encoding
gzip
content-length
10140
content-type
text/html; charset=UTF-8
date
Sun, 15 May 2022 18:04:07 GMT
link
<https://welcome.tipico.de/?p=519/>; rel=shortlink
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 15 May 2022 18:04:07 GMT
expires
0
lb-serv
lb02
location
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
pragma
no-cache
server
nginx
server-timing
intid;desc=9e14812750911461
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-frame-options
DENY SAMEORIGIN
x-xss-protection
1; mode=block
tipico-regular-webfont-2.woff2
welcome.tipico.de/wp-content/themes/style/webfonts/
16 KB
17 KB
Font
General
Full URL
https://welcome.tipico.de/wp-content/themes/style/webfonts/tipico-regular-webfont-2.woff2
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
9205e578b010a7d9af7c45cea0cbcedc38dedc967d8f57ba9de400c6b3b82c0a

Request headers

Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Origin
https://welcome.tipico.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2017 11:59:48 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/wp-content/themes/style/webfonts/tipico-regular-webfont-2.woff2>; rel="canonical"
content-length
16667
source-sans-pro-v18-latin-600.woff2
welcome.tipico.de/wp-content/themes/style/webfonts/
13 KB
13 KB
Font
General
Full URL
https://welcome.tipico.de/wp-content/themes/style/webfonts/source-sans-pro-v18-latin-600.woff2
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Request headers

Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Origin
https://welcome.tipico.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 07:27:59 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/wp-content/themes/style/webfonts/source-sans-pro-v18-latin-600.woff2>; rel="canonical"
content-length
13095
source-sans-pro-v18-latin-regular.woff2
welcome.tipico.de/wp-content/themes/style/webfonts/
13 KB
13 KB
Font
General
Full URL
https://welcome.tipico.de/wp-content/themes/style/webfonts/source-sans-pro-v18-latin-regular.woff2
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Request headers

Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Origin
https://welcome.tipico.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 07:27:59 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/wp-content/themes/style/webfonts/source-sans-pro-v18-latin-regular.woff2>; rel="canonical"
content-length
13103
official_partners_2021_v2.svg
welcome.tipico.de/wp-content/uploads/sites/1/2021/06/
32 KB
13 KB
Image
General
Full URL
https://welcome.tipico.de/wp-content/uploads/sites/1/2021/06/official_partners_2021_v2.svg
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
e8ed7560239323b6adaa3c0c2672cfbf46d8e199afc404c5de9287e82efb7645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 12:56:14 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/wp-content/uploads/sites/1/2021/06/official_partners_2021_v2.svg>; rel="canonical"
content-length
12652
script_footer_static-24ebed5.js
welcome.tipico.de/cache/assets/1/
7 KB
3 KB
Script
General
Full URL
https://welcome.tipico.de/cache/assets/1/script_footer_static-24ebed5.js
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
cfaba914002c4fb79d80b71777113002048385bbb1007a52a183f5f9eb340795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 08:44:16 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/cache/assets/1/script_footer_static-24ebed5.js>; rel="canonical"
content-length
2810
gtm.js
www.googletagmanager.com/
347 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCJSK7L
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc6cd5d8813818eb7b469e5d0823835eadc4474a25d289800951ba57cc88421d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78567
x-xss-protection
0
expires
Sun, 15 May 2022 18:04:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1757
date
Sun, 15 May 2022 17:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 15 May 2022 19:34:50 GMT
style_static-50d7e81.css
welcome.tipico.de/cache/assets/1/
0
2 KB
Other
General
Full URL
https://welcome.tipico.de/cache/assets/1/style_static-50d7e81.css
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 08:44:15 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/cache/assets/1/style_static-50d7e81.css>; rel="canonical"
content-length
1864
style_static-50d7e81.css
welcome.tipico.de/cache/assets/1/
7 KB
2 KB
Stylesheet
General
Full URL
https://welcome.tipico.de/cache/assets/1/style_static-50d7e81.css
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
09e8922df5f60983f31bb3716d3409be15ccd7e5f7ca69c5672d06429e9ceec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 08:44:15 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/cache/assets/1/style_static-50d7e81.css>; rel="canonical"
content-length
1864
LP_2021_DE.mp4
welcome.tipico.de/wp-content/uploads/sites/1/2021/12/
751 KB
752 KB
Media
General
Full URL
https://welcome.tipico.de/wp-content/uploads/sites/1/2021/12/LP_2021_DE.mp4
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
65bc54ffdbc3a1a671aadedbb33010da32ff79344e12e0b9f370d323281ae4aa

Request headers

Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
last-modified
Tue, 21 Dec 2021 09:49:09 GMT
server
nginx
age
117
content-type
video/mp4
Content-Range
bytes 0-768685/768686
accept-ranges
bytes
Content-Length
768686
logo.svg
welcome.tipico.de/wp-content/themes/style/img/
9 KB
4 KB
Image
General
Full URL
https://welcome.tipico.de/wp-content/themes/style/img/logo.svg?v=1
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.208.154.209 Vienna, Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
e2-st-freeze.vm.nextlayer.at
Software
nginx /
Resource Hash
8589a2e9318a68ddd03f3be40fb585caeda4a1387c27e8ea946e229d7f114b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:07 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:19:18 GMT
server
nginx
age
396427
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
link
<https://welcome.tipico.de/wp-content/themes/style/img/logo.svg>; rel="canonical"
content-length
3419
truncated
/
575 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9e94f51483e6c3d5ec20dd3314a92deee2594596dd8597978c7a538ab023edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 17:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 15 May 2022 18:07:13 GMT
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-110225427-1&cid=532080247.1652637848&jid=332729971&gjid=582814323&_gid=520355803.1652637848&_u=aGBAgEAjAAAAAE~&z=1692537258
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://welcome.tipico.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 May 2022 18:04:08 GMT
content-type
text/plain
access-control-allow-origin
https://welcome.tipico.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=300049699&t=pageview&_s=1&dl=https%3A%2F%2Fwelcome.tipico.de%2Friskfree10%2F%3FcampaignId%3Dj32k72mb%26affiliateId%3D739319&ul=en-us&de=UTF-8&dt=Wette%20ohne%20Risiko%20-%20welcome.tipico.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=332729971&gjid=582814323&cid=532080247.1652637848&tid=UA-110225427-1&_gid=520355803.1652637848&z=1953513548
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 May 2022 20:36:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77262
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
182 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XV9DVEF8WR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJSK7L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e60e47d582c8ca15b7541a66821b62691fb45f6aec09142b2b8a061147ba8f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67716
x-xss-protection
0
expires
Sun, 15 May 2022 18:04:08 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/
64 KB
17 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.onclickalgo.com
URL: http://www.onclickalgo.com/jump/next.php?r=5482643
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f284bd08570044c245ac95d65dac3de113c9e5bba507dfa7ebce0a6a06af4e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 19:13:01 GMT
server
AkamaiNetStorage
etag
"c64d20d9ef120815180d3ea83b12ce94:1649272380.921601"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
16972
expires
Tue, 17 May 2022 18:04:08 GMT
country.js
c.evidon.com/geo/
252 B
459 B
Script
General
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.onclickalgo.com
URL: http://www.onclickalgo.com/jump/next.php?r=5482643
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:46:45 GMT
server
AkamaiNetStorage
etag
"61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
174
snthemes.js
c.evidon.com/sitenotice/6259/
103 KB
5 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6259/snthemes.js
Requested by
Host: www.onclickalgo.com
URL: http://www.onclickalgo.com/jump/next.php?r=5482643
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9f0d69088bf0b519d8d8191813e7da8a09c9f08392891774c618eee9c25abf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:53:33 GMT
server
AkamaiNetStorage
etag
"d7a756263a79ec91e30d50b297c71973:1636624413.864208"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
5153
expires
Tue, 17 May 2022 18:04:08 GMT
settings.js
c.evidon.com/sitenotice/6259/tipico/
10 KB
2 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6259/tipico/settings.js
Requested by
Host: www.onclickalgo.com
URL: http://www.onclickalgo.com/jump/next.php?r=5482643
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ec88fccaf3adfd4b953179d0fdcf6263736a518fa86e3314a629567e2d19aef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 08:43:36 GMT
server
AkamaiNetStorage
etag
"7754b7587c587e9f87a06466bd8c82ca:1651049015.996051"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
1328
expires
Tue, 17 May 2022 18:04:08 GMT
optimize.js
www.googleoptimize.com/
93 KB
37 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MR5DD3R
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJSK7L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0990f0197827ea78b6598574d674a80733ccf042480209a53925a511c253c632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37267
x-xss-protection
0
expires
Sun, 15 May 2022 18:04:08 GMT
en.js
c.evidon.com/sitenotice/6259/translations/
80 KB
7 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6259/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2069ffdfd9a89effe284d0c5b78efbe337214f148c8ae9fec8e7a5378df89505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 13:56:15 GMT
server
AkamaiNetStorage
etag
"5450ad4c158c5488152b7d96a2ea2aef:1637934974.978914"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
6517
expires
Tue, 17 May 2022 18:04:08 GMT
de.js
c.evidon.com/sitenotice/6259/translations/
88 KB
10 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/6259/translations/de.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f549a984d7414e8d13a09f0212af7bdc9d7ac1773f400f57e638aea6e5f81fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 13:57:20 GMT
server
AkamaiNetStorage
etag
"677c7ab1d36d4e759ccc4012593634fb:1637935040.303094"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9988
expires
Tue, 17 May 2022 18:04:08 GMT
evidon-banner.js
c.evidon.com/sitenotice/
12 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-banner.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-81-61.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
04a69e4ac065c50019b0772e9e1066b077af9748c6267f190cd165bc9e5c6ddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 19:13:01 GMT
server
AkamaiNetStorage
etag
"9af77f47fe3afe3535bc04bc3c41526d:1649272381.485172"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3348
expires
Tue, 17 May 2022 18:04:08 GMT
1
l.evidon.com/site/v3/6259/87855/3/1/2/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/6259/87855/3/1/2/1?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.222.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-222-248.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
55020
l.evidon.com/site/v3/6259/87855/3/4/2/1/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/6259/87855/3/4/2/1/55020?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.222.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-222-248.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
55020
l.evidon.com/site/v3/6259/87855/3/2/2/1/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/6259/87855/3/2/2/1/55020?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.222.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-222-248.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
55020
l.evidon.com/site/v3/6259/87855/3/1/2/1/
0
121 B
Image
General
Full URL
https://l.evidon.com/site/v3/6259/87855/3/1/2/1/55020?consent=0&regulationid=2&regulationconsenttypeid=1
Requested by
Host: welcome.tipico.de
URL: https://welcome.tipico.de/riskfree10/?campaignId=j32k72mb&affiliateId=739319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.222.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-222-248.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://welcome.tipico.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 18:04:08 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
object| dataLayer
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| ready
object| html5
object| google_tag_manager
object| evidon
string| hostname
function| gtm_setRefCookie
function| gtm_clearUTMCookie
function| gtm_setAffIdCookie
function| gtm_setBtagCookie
object| google_optimize
function| onYouTubeIframeAPIReady

11 Cookies

Domain/Path Name / Value
.tipico.de/ Name: TTID
Value: 8341a436-24a3-4904-8f96-ffa8ec65d155
.tipico.de/ Name: TCID
Value: j32k72mb
.tipico.de/ Name: CTFES_REDIRECT
Value: true
.tipico.de/ Name: _abck
Value: 831C585D82BB1D1160F135BEB1C31154~-1~YAAQhrsQAm6aRZWAAQAAxlDkyAfYSUnJkzlgV503nK9Skrwnmxugg7j///LfVkpkLgJBRr/k+1tNbyXHaaYWayM2zgtdX7GxIB6ghTK+7kmQy3qos9Nm9H85mQaA+6/Pm9xFxITZ8AG0mUaoVv1Lxx0a5FF5FCTT0YITL476N4Yut/6P7RIIP5vTJ6nOr68mBWmUY4xf39b9ML09PjWrOBILHvLrg78LbeLQnP/ZyBUcqw80CnaNDluuJtxx+Vi35Bz6UF2RuiQI37MmHzYpNcliQloryu7+h59Z04szhvqK917GaeIroMz9C4aAfh1O2p23QqEfZnuwKXu+SjbYgSfhHW2zPu/TOknLa5FlG8je7c/c5KkQ4cfaAg==~-1~-1~-1
.tipico.de/ Name: bm_sz
Value: 8242961B9EBB54D295F94A0C81FBB831~YAAQhrsQAm+aRZWAAQAAxlDkyA/cVcBS+620zj2OHW40rqD2iLPeYzSlWPI2ZxmHW85auu8d0mM77sTWJ3sj6B2ZxLYrfwEjT10k67Aza1NR0i3Bl5l2VcoTuGzcLPGn6C49mgxtAvRt5NsgDavkmLRT25Wc6MrjfoKNBXMl+dCk7bWkHVx69ROf3P0oqFnh2hJUDTFcUxasSxEeOkOMDcK0eN3uvm4I7P9vYoZi+6aFlIZOMtgvTJhtYW3jGUD0vCMCyYikPYVecy82lmMrTgD3KV5fmI55z2ECc+j/tjPYmA==~4469313~3487541
.tipico.de/ Name: _ga
Value: GA1.2.532080247.1652637848
.tipico.de/ Name: _gid
Value: GA1.2.520355803.1652637848
.tipico.de/ Name: _gat
Value: 1
.tipico.de/ Name: LPRef
Value:
.tipico.de/ Name: affiliateId
Value: 739319
.tipico.de/ Name: _gcl_au
Value: 1.1.1947808212.1652637848

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
