urlscan.io logo urlscan.io
SecurityTrails logo

www.betano.de Open in urlscan Pro
2606:4700:4400::ac40:9754  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e...
Effective URL: https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&u...
Submission: On June 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 30 HTTP transactions. The main IP is 2606:4700:4400::ac40:9754, located in and belongs to . The main domain is www.betano.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 31st 2023. Valid for: a year.
This is the only time www.betano.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 69.175.103.182 32475 (SINGLEHOP...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
3 184.154.10.250 32475 (SINGLEHOP...)
2 3 51.68.82.147 16276 (OVH)
2 91.209.226.54 204601 (ON-LINE-D...)
2 12 139.45.197.244 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
2 2 188.114.96.3 ()
1 2 2606:4700:440... ()
30 8
4    69.175.103.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
amazingcloud.club
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
merterpazar.com
3    184.154.10.250 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
m.lepetitdiary.com
3    51.68.82.147 (United Kingdom)

ASN16276 (OVH, FR)
www.trimbuilder.foundation
2    91.209.226.54 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm4923262.25ssd.had.wf
click2kikc.xyz
12    139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)
dotranquilla.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    188.114.96.3 (None, )

ASN- ()
gml-grp.com
2    2606:4700:4400::ac40:9754 (None, )

ASN- ()
www.betano.de
Apex Domain
Subdomains		 Transfer
12 dotranquilla.com
dotranquilla.com — Cisco Umbrella Rank: 404008
30 KB
4 amazingcloud.club
amazingcloud.club
5 KB
3 trimbuilder.foundation
www.trimbuilder.foundation
5 KB
3 lepetitdiary.com
m.lepetitdiary.com
5 KB
2 betano.de
www.betano.de
1 KB
2 gml-grp.com
gml-grp.com
2 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 8833
997 B
2 click2kikc.xyz
click2kikc.xyz
1 KB
1 merterpazar.com
merterpazar.com
1 KB
0 optimove.net Failed
sdk.optimove.net Failed
0 cookielaw.org Failed
cdn.cookielaw.org Failed
30 11
Domain Requested by
12 dotranquilla.com 2 redirects dotranquilla.com
4 amazingcloud.club 1 redirects
3 www.trimbuilder.foundation 2 redirects m.lepetitdiary.com
3 m.lepetitdiary.com amazingcloud.club
2 www.betano.de 1 redirects www.betano.de
2 gml-grp.com 2 redirects
2 my.rtmark.net dotranquilla.com
2 click2kikc.xyz www.trimbuilder.foundation
1 merterpazar.com 1 redirects
0 sdk.optimove.net Failed www.betano.de
0 cdn.cookielaw.org Failed www.betano.de
30 11

This site contains no links.

Subject Issuer Validity Valid
amazingcloud.club
R3		 2024-06-05 -
2024-09-03		 3 months crt.sh
m.lepetitdiary.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
www.trimbuilder.foundation
R11		 2024-06-07 -
2024-09-05		 3 months crt.sh
click2kikc.xyz
R11		 2024-06-15 -
2024-09-13		 3 months crt.sh
dotranquilla.com
R3		 2024-05-10 -
2024-08-08		 3 months crt.sh
rtmark.net
R3		 2024-05-11 -
2024-08-09		 3 months crt.sh
betano.de
Cloudflare Inc ECC CA-3		 2023-12-31 -
2024-12-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&utm_medium=1734&utm_source=2&siteid=6746
Frame ID: 1CB6A7D086E53356E5C13B7485FEE36B
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bem... HTTP 307
    https://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bem... HTTP 302
    https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddoma... Page URL
  2. https://merterpazar.com/3cae09cf-e559-49d8-b68d-eb73af0d1127?2=13371&3=13371-19c14790&1=M73843858051... HTTP 302
    https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13... Page URL
  3. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website... Page URL
  4. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website... HTTP 302
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website... HTTP 302
    https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330008e892be46da94f573ba25cb4d4f148bd0625-202406... Page URL
  5. https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084 Page URL
  6. https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x Page URL
  7. https://dotranquilla.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://gml-grp.com/C.ashx?btag=a_6746b_2982c_&affid=1734&siteid=6746&adid=2982&c=PU_DE_PA_SB_DT... HTTP 302
    https://gml-grp.com/C.ashx?btag=a_6746b_2982c_&affid=1734&siteid=6746&adid=2982&c=PU_DE_PA_SB_DT... HTTP 302
    https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BE... HTTP 302
    https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BE... Page URL

Page Statistics

30
Requests

73 %
HTTPS

11 %
IPv6

11
Domains

11
Subdomains

8
IPs

3
Countries

45 kB
Transfer

264 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e1a-428e-bee8-ebc9b6e7c4a9..l=f6ccdc01-ffb4-4bf0-a156-d908cbd8f1e4..a=0..b=0..r=http HTTP 307
    https://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e1a-428e-bee8-ebc9b6e7c4a9..l=f6ccdc01-ffb4-4bf0-a156-d908cbd8f1e4..a=0..b=0..r=http HTTP 302
    https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club Page URL
  2. https://merterpazar.com/3cae09cf-e559-49d8-b68d-eb73af0d1127?2=13371&3=13371-19c14790&1=M7384385805160022096 HTTP 302
    https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe Page URL
  3. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961 Page URL
  4. https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961&eyeg=0a0bc8ecc9c66a8c6acf47bbbe819196&eyer=0.2858856233602769&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=m.lepetitdiary.com HTTP 302
    https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961&eyeg=3&eyer=0.2858856233602769&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=m.lepetitdiary.com HTTP 302
    https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330008e892be46da94f573ba25cb4d4f148bd0625-202406-flb*5768231-bead7*M7384385813749956647*sl_5768231-bead7*dd5d2dc864649399befbae2d9d8e166331a8c80c*20961-d08e7c4c-6e88e33f*20961 Page URL
  5. https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084 Page URL
  6. https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x Page URL
  7. https://dotranquilla.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://gml-grp.com/C.ashx?btag=a_6746b_2982c_&affid=1734&siteid=6746&adid=2982&c=PU_DE_PA_SB_DT_BETANO HTTP 302
    https://gml-grp.com/C.ashx?btag=a_6746b_2982c_&affid=1734&siteid=6746&adid=2982&c=PU_DE_PA_SB_DT_BETANO&AutoR=1 HTTP 302
    https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&btag=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&utm_medium=1734&utm_source=2&siteid=6746 HTTP 302
    https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&utm_medium=1734&utm_source=2&siteid=6746 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e1a-428e-bee8-ebc9b6e7c4a9..l=f6ccdc01-ffb4-4bf0-a156-d908cbd8f1e4..a=0..b=0..r=http HTTP 307
  • https://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e1a-428e-bee8-ebc9b6e7c4a9..l=f6ccdc01-ffb4-4bf0-a156-d908cbd8f1e4..a=0..b=0..r=http HTTP 302
  • https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
Request Chain 3
  • https://merterpazar.com/3cae09cf-e559-49d8-b68d-eb73af0d1127?2=13371&3=13371-19c14790&1=M7384385805160022096 HTTP 302
  • https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
Request Chain 7
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961&eyeg=0a0bc8ecc9c66a8c6acf47bbbe819196&eyer=0.2858856233602769&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=m.lepetitdiary.com HTTP 302
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961&eyeg=3&eyer=0.2858856233602769&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=m.lepetitdiary.com HTTP 302
  • https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330008e892be46da94f573ba25cb4d4f148bd0625-202406-flb*5768231-bead7*M7384385813749956647*sl_5768231-bead7*dd5d2dc864649399befbae2d9d8e166331a8c80c*20961-d08e7c4c-6e88e33f*20961
Request Chain 14
  • https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
  • https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
amazingcloud.club/
Redirect Chain
  • http://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e1a-428e-bee8-ebc9b6e7c4a9..l=f6ccdc01-ffb4-4bf0-a156-d908cbd8f1e4..a=0..b=0....
  • https://amazingcloud.club/d/prizewheel/cash/kecashn/index.html?brand=apple&domain=takeandgonow.com&bemobdata=c=fc9d2b8a-0e1a-428e-bee8-ebc9b6e7c4a9..l=f6ccdc01-ffb4-4bf0-a156-d908cbd8f1e4..a=0..b=0...
  • https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.175.103.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
039feb1733139d289c3a97722aac349ab879b78a5769280416fb366543d77e87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 10:28:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 10:28:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://amazingcloud.club?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
favicon.ico
amazingcloud.club/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://amazingcloud.club/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.175.103.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 26 Jun 2024 10:28:20 GMT
favicon.ico
amazingcloud.club/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://amazingcloud.club/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.175.103.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:20 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 26 Jun 2024 10:28:20 GMT
/
m.lepetitdiary.com/
Redirect Chain
  • https://merterpazar.com/3cae09cf-e559-49d8-b68d-eb73af0d1127?2=13371&3=13371-19c14790&1=M7384385805160022096
  • https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
Requested by
Host: amazingcloud.club
URL: https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.154.10.250 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
8e7d9129c9072ef6d570be65ce542c0067cc441cd6575b67bfeeef46ccac9475
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://amazingcloud.club/?utm_medium=23f82f6ae527e3c7f9f4479c8c5ff969df03afa7&utm_campaign=parkeddomains&1=amazingcloud.club#0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 10:28:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, pre-check=0, post-check=0
cf-cache-status
DYNAMIC
cf-ray
8994453568b02c55-FRA
content-length
0
date
Tue, 25 Jun 2024 10:28:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B01%2F1Mwa4DA3M9eICHGvQ3RsuoLVuf96zNRAQuTjuqcUSTuR3kVOuHrK5an%2BSWR2Gcm9HoWd9B3fJei%2BSxRMYZfArr0ME7c8lwykc5EYWoFFHNJrUXvh7V0ucnZHEFEedWI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-id
VVvPgXsoUwHkJ50ZwLo8og_HfvTDtQISWBEjMiOLe5QGIiVQDWazdA==
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
favicon.ico
m.lepetitdiary.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://m.lepetitdiary.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.154.10.250 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 26 Jun 2024 10:28:22 GMT
favicon.ico
m.lepetitdiary.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://m.lepetitdiary.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.154.10.250 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:22 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Wed, 26 Jun 2024 10:28:22 GMT
/
www.trimbuilder.foundation/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961
Requested by
Host: m.lepetitdiary.com
URL: https://m.lepetitdiary.com/?utm_medium=efbbdd747f282d4b4da3306894b00c3b5847713e&utm_campaign=1-DE-&1=13371&cb=wuelidl2nlhof2923427c3qe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://m.lepetitdiary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Tue, 25 Jun 2024 10:28:23 GMT
Transfer-Encoding
chunked
3
click2kikc.xyz/go/4995/
Redirect Chain
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961&eyeg=0a0bc8ecc9c66a8c6acf47bbbe819196&eyer=0....
  • https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961&eyeg=3&eyer=0.2858856233602769&eyei=0&eyew=16...
  • https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330008e892be46da94f573ba25cb4d4f148bd0625-202406-flb*5768231-bead7*M7384385813749956647*sl_5768231-bead7*dd5d2dc864649399befbae2d9d8e166331a8c80c*...
279 B
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330008e892be46da94f573ba25cb4d4f148bd0625-202406-flb*5768231-bead7*M7384385813749956647*sl_5768231-bead7*dd5d2dc864649399befbae2d9d8e166331a8c80c*20961-d08e7c4c-6e88e33f*20961
Requested by
Host: www.trimbuilder.foundation
URL: https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash
91848d059b8cf20814ea519d62cd5cdfab0c244c2fd4a71e97396c1f24b84c48

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7384385813749956647&website=20961-d08e7c4c-6e88e33f&placement=20961
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
279
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jun 2024 10:28:23 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 25 Jun 2024 10:28:23 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Tue, 25 Jun 2024 10:28:23 GMT
Location
https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330008e892be46da94f573ba25cb4d4f148bd0625-202406-flb*5768231-bead7*M7384385813749956647*sl_5768231-bead7*dd5d2dc864649399befbae2d9d8e166331a8c80c*20961-d08e7c4c-6e88e33f*20961
7482447
dotranquilla.com/4/ 		30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f3820618de6b8babbeea69319e3be5e9a94f17b4501f2995c576b26cdfaf19e9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 25 Jun 2024 10:28:23 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
84fea402837676538e4d6e35daf67482
favicon.ico
click2kikc.xyz/ 		0
227 B 		Other
General
Check archive.org
Download Go to
Full URL
https://click2kikc.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 10:28:23 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Content-Length
0
Content-Type
text/html; charset=UTF-8
sftouch
dotranquilla.com/ 		2 B
605 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/sftouch?userId=008086c2f7e94782f5a1aedb5706cf56&z=7482447&p_rid=4ad76c41-48ee-40a9-b79d-1e70af1879b3&p_src=sf&branchId=0&rb=-ETDA7gXiOW_EdtzOmrqEaxWQFeN5YpEYphZOdSYZO3uAs_zuQfvIvV5R3NqLXIlTp93cwvhX7Flg1gpniEQhVEy40mvRiJRJu54Zq3YvEQccBxVIN2j1f6Eea-ODy20eLZQMjZGTQ275o-Vp7-oO7AdTXKQfjnFUluFmzAJTJTWoPSEbJz5OiOJG4bmpFHSrWRjp2hkZJDutnR5CELZaFxyk52QIH7aOGW_GOWiDBaNUQAZo5Tfs57IA2j6BW4iHPgEPh4fVTKsmxJE8y6WHGxsI2iBXHT3U9G9hIdEMZ2Qpx489QYCQPrzpzHA4hTg
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
f41bd0eee4a8279f4045a456797efb29
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://dotranquilla.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008086c2f7e94782f5a1aedb5706cf56&z=7482447&p_rid=4ad76c41-48ee-40a9-b79d-1e70af1879b3&p_src=sf
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dotranquilla.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
dotranquilla.com/log/ 		12 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4ad76c41-48ee-40a9-b79d-1e70af1879b3
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-Type
text/plain;charset=UTF-8
Referer
https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dotranquilla.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
dotranquilla.com/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/4/7482447?var=4995&ymid=13lgdot8g0084
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 25 Jun 2024 10:28:24 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
dotranquilla.com/4/6118780/
Redirect Chain
  • https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false
  • https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bed0a423577b7fb5f845eb3908c402201538119b9dd508728b93c9bafd20141f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://dotranquilla.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 25 Jun 2024 10:28:24 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
dfdedb20336759ea5efe428b7c8204b0

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://dotranquilla.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Tue, 25 Jun 2024 10:28:24 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://dotranquilla.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
56a97dca2bd736e2197883c6e78d7bf5
favicon.ico
dotranquilla.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 25 Jun 2024 10:28:24 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
sftouch
dotranquilla.com/ 		2 B
605 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/sftouch?userId=008086c2f7e94782f5a1aedb5706cf56&z=6118780&p_rid=c2faa909-9106-490d-ada6-f33d8ed25407&p_src=sf&branchId=0&rb=FM_UWaTuySnsQY_iULPvqs6CYf_bYFArasrtwglsgPkPy4PQyftgP5mvo_xXvDHh_CceJAipZJfhekitTEKRice-0YHIr3745WI-IJjQ9e7Rcnvs3Af0NTlMlgpLdeW1u-2YaSKje_TzIuWX79MIFqjQT3QMWiN_rtMfGsS-GF0VzbjX5ypBG--nhUyOEFYc-ssqL5mBeaOrSkirY0HGZA-jEKFWK1uSk-AachBpSdB7vwG4ijgd_6_eipJZvqf2h7LtqD6i6pdGpftiG1DAIJHpj37Qa2_W8NpVMyaTydQ=
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
2a448999525fe50bdd023b99a070a661
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://dotranquilla.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
506 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008086c2f7e94782f5a1aedb5706cf56&z=6118780&p_rid=c2faa909-9106-490d-ada6-f33d8ed25407&p_src=sf
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dotranquilla.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://dotranquilla.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
dotranquilla.com/log/ 		12 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c2faa909-9106-490d-ada6-f33d8ed25407
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-Type
text/plain;charset=UTF-8
Referer
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:28:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dotranquilla.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
dotranquilla.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 25 Jun 2024 10:28:24 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request /
www.betano.de/landing/342606/
Redirect Chain
  • https://dotranquilla.com/?z=6118780&syncedCookie=false&rhd=false
  • https://gml-grp.com/C.ashx?btag=a_6746b_2982c_&affid=1734&siteid=6746&adid=2982&c=PU_DE_PA_SB_DT_BETANO
  • https://gml-grp.com/C.ashx?btag=a_6746b_2982c_&affid=1734&siteid=6746&adid=2982&c=PU_DE_PA_SB_DT_BETANO&AutoR=1
  • https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&btag=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&utm_medium=1734&utm_source=2&siteid=6746
  • https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&utm_medium=1734&utm_source=2&siteid=6746
178 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betano.de/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&utm_medium=1734&utm_source=2&siteid=6746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.betano.de:*
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://dotranquilla.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
89944546fd6c5d46-FRA
content-encoding
gzip
content-security-policy
frame-ancestors https://*.betano.de:*
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 10:28:24 GMT
report-to
{"max_age":10886400,"endpoints":[{"url":"https://app.logrocket.com/reports/7hhr6m/stoiximangr"}]}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
899445459b9a5d46-FRA
content-length
0
date
Tue, 25 Jun 2024 10:28:24 GMT
location
/landing/342606/?pid=incomeaccess_int&af_sub1=a_6746b_2982c_PU_DE_PA_SB_DT_BETANO&af_ad_id=1734&utm_medium=1734&utm_source=2&siteid=6746
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRnntvhbQ6xJzSixC2MGTpSl3vQ0JtA8brU84rtDhr6kpMBpZ8mJVNVRKBk0J9HebwjeD3oxSN6gIaiZ1URxOk4znDS9hzzxwQix3JGfEn49DQsKjxDYiY1oeJ9SEDIIEOlt2bevVR1V2OA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-cacheable-status
302
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
dotranquilla.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 25 Jun 2024 10:28:24 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
r4JQVZETZTeQtnzawJh5s2Wbw6I.js
www.betano.de/cdn-cgi/apps/head/ 		0
0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		0
0
/
sdk.optimove.net/websdk/ 		0
0
chunk-vendors~c7bac266.d9e9e0e86e52189cf922.css
www.betano.de/ 		0
0
chunk-vendors~d939e436.9f9c6fdd8ede38779944.css
www.betano.de/ 		0
0
chunk-vendors~9c5b28f6.e34129d7e790790cd9c6.css
www.betano.de/ 		0
0
chunk-vendors~fdc6512a.1f90d171cdcd854adb36.css
www.betano.de/ 		0
0
main.91f5eb437a9e5084b670.css
www.betano.de/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.betano.de
URL
https://www.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js
Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Domain
sdk.optimove.net
URL
https://sdk.optimove.net/websdk/?tenant_id=548&tenant_token=887db3e5eb7f485bbbd83c3c23a6db38
Domain
www.betano.de
URL
https://www.betano.de/chunk-vendors~c7bac266.d9e9e0e86e52189cf922.css
Domain
www.betano.de
URL
https://www.betano.de/chunk-vendors~d939e436.9f9c6fdd8ede38779944.css
Domain
www.betano.de
URL
https://www.betano.de/chunk-vendors~9c5b28f6.e34129d7e790790cd9c6.css
Domain
www.betano.de
URL
https://www.betano.de/chunk-vendors~fdc6512a.1f90d171cdcd854adb36.css
Domain
www.betano.de
URL
https://www.betano.de/main.91f5eb437a9e5084b670.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

7 Cookies

Domain/Path Name / Value
.merterpazar.com/ Name: 3cae09cf-e559-49d8-b68d-eb73af0d1127-v4
Value: V2wYiWOodhmLTN_U4IcMhv2whoyjtbZzt7o4vPcKeSE
.merterpazar.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wuelidl2nlhof2923427c3qe%22%2C%22caid%22%3A%223cae09cf-e559-49d8-b68d-eb73af0d1127%22%7D
click2kikc.xyz/ Name: mobitck
Value: 1
dotranquilla.com/ Name: OAID
Value: 008086c2f7e94782f5a1aedb5706cf56
dotranquilla.com/ Name: oaidts
Value: 1719311303
my.rtmark.net/ Name: ID
Value: 008086c2f7e94782f5a1aedb5706cf56
dotranquilla.com/ Name: syncedCookie
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload