20bet.life Open in urlscan Pro
2606:4700:20::681a:b66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://seri2.swiftjourney.online/xfdIQ
Effective URL:
https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubid...
Submission: On August 22 via api (August 22nd 2023, 10:01:57 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 21 domains to perform 40 HTTP transactions. The main IP is 2606:4700:20::681a:b66, located in United States and belongs to CLOUDFLARENET, US. The main domain is 20bet.life.
TLS certificate: Issued by GTS CA 1P5 on July 25th 2023. Valid for: 3 months.

This is the only time 20bet.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:4780:b:7... 2a02:4780:b:739:0:2be4:9d0b:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
16	172.64.133.20 172.64.133.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.55.236.100 162.55.236.100	24940 (HETZNER-AS) (HETZNER-AS)
1 1	49.12.123.158 49.12.123.158	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.126.81.211 3.126.81.211	16509 (AMAZON-02) (AMAZON-02)
2 5	2606:4700:20:... 2606:4700:20::681a:b66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	() ()
1	104.18.41.153 104.18.41.153	() ()
1	18.173.154.35 18.173.154.35	() ()
1	2606:4700::68... 2606:4700::6812:d63b	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2003	() ()
40	11

1 2a02:4780:b:739:0:2be4:9d0b:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

seri2.swiftjourney.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

chalaips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.64.133.20 (United States)

ASN13335 (CLOUDFLARENET, US)

psaugourtauy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.100 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.100.236.55.162.clients.your-server.de

track-eu.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.123.158 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.158.123.12.49.clients.your-server.de

plinksplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

promo.20bet.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.81.211 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-81-211.eu-central-1.compute.amazonaws.com

20media.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:b66 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

20bet.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.153 (None, )

ASN- ()

casino.cur.a8r.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.35 (None, )

ASN- ()

cdn.seon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d63b (None, )

ASN- ()

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	psaugourtauy.com psaugourtauy.com — Cisco Umbrella Rank: 58005	62 KB
5	20bet.life 2 redirects 20bet.life	46 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9422	2 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	seon.io cdn.seon.io	109 KB
1	a8r.games casino.cur.a8r.games	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	20media.world 1 redirects 20media.world — Cisco Umbrella Rank: 266883	716 B
1	20bet.partners 1 redirects promo.20bet.partners — Cisco Umbrella Rank: 239243	964 B
1	plinksplanet.com 1 redirects plinksplanet.com — Cisco Umbrella Rank: 352245	484 B
1	trackingtraffo.com 1 redirects track-eu.trackingtraffo.com — Cisco Umbrella Rank: 459010	387 B
1	chalaips.com chalaips.com — Cisco Umbrella Rank: 295050	2 KB
1	swiftjourney.online seri2.swiftjourney.online	1 KB
0	akamaized.net Failed ws-cdn001.akamaized.net Failed
0	customer.io Failed assets.customer.io Failed
0	aswpsdkus.com Failed aswpsdkus.com Failed
0	sportradar.com Failed tm.ads.sportradar.com Failed
0	hotjar.com Failed static.hotjar.com Failed
0	googletagmanager.com Failed www.googletagmanager.com Failed
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
40	21

	Domain	Requested by
16	psaugourtauy.com	chalaips.com psaugourtauy.com
5	20bet.life	2 redirects psaugourtauy.com 20bet.life
4	my.rtmark.net	chalaips.com psaugourtauy.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.onesignal.com	20bet.life cdn.onesignal.com
1	cdn.seon.io	20bet.life
1	casino.cur.a8r.games	20bet.life
1	fonts.googleapis.com	20bet.life
1	20media.world	1 redirects
1	promo.20bet.partners	1 redirects
1	plinksplanet.com	1 redirects
1	track-eu.trackingtraffo.com	1 redirects
1	chalaips.com	seri2.swiftjourney.online
1	seri2.swiftjourney.online
0	ws-cdn001.akamaized.net Failed	20bet.life
0	assets.customer.io Failed	20bet.life
0	aswpsdkus.com Failed	20bet.life
0	tm.ads.sportradar.com Failed	20bet.life
0	static.hotjar.com Failed	20bet.life
0	www.googletagmanager.com Failed	20bet.life
0	static.cloudflareinsights.com Failed	20bet.life
40	21

This site contains no links.

Subject Issuer	Validity	Valid
seri2.swiftjourney.online ZeroSSL RSA Domain Secure Site CA	`2023-08-20` - `2023-11-18`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
psaugourtauy.com E1	`2023-08-14` - `2023-11-12`	3 months	crt.sh
20bet.life GTS CA 1P5	`2023-07-25` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
a8r.games Cloudflare Inc ECC CA-3	`2023-06-19` - `2024-06-18`	a year	crt.sh
*.seon.io Amazon RSA 2048 M02	`2023-07-07` - `2024-08-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
Frame ID: 1DF607B69F5212A4E9B35A2E406FC503
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://seri2.swiftjourney.online/xfdIQ Page URL
http://chalaips.com/4/6106028 Page URL
https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z... Page URL
https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z... Page URL
https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=iMx9OUWdWAZ8d8DkW8uFoTsa4fO2Nw-y3bBIroLCH0YT_LFE8HmSaj... HTTP 302
https://plinksplanet.com/click.php?key=yhv3px7zkwi0c60cfm20&clickid=b6adc010-cdbf-4be1-bc6a-6f2d1abf1... HTTP 302
https://promo.20bet.partners/redirect.aspx?pid=164519&bid=1971&lpid=419&utm_source=retarget&utm_medium=Ub... HTTP 307
https://20media.world/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarge... HTTP 302
https://20bet.life/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarge... HTTP 302
https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=reta... Page URL

Detected technologies

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

40
Requests

70 %
HTTPS

43 %
IPv6

21
Domains

21
Subdomains

11
IPs

3
Countries

244 kB
Transfer

701 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://seri2.swiftjourney.online/xfdIQ Page URL
http://chalaips.com/4/6106028 Page URL
https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=iMx9OUWdWAZ8d8DkW8uFoTsa4fO2Nw-y3bBIroLCH0YT_LFE8HmSajBEQd1qvlN1xuWPdZnvzxPTZ27CQuIAnTQyXcnRYrpXMqydNjgepxdIfvqBetKCltBIRk2UZKowjg4ViuvDm2Mt7JQhA9ZpgmO93RdPh0Bb4BT3CUBN9GR5dOTU-BIdDpebyQE9TStz5fkMDe5VcJ8xruXmjWntWQat5_n7BezTbqUCWhYu4Ailp_FFABV42lwGSebO7aU5YCwh070fLB-QGJlnb72q77veielLTKYjSdrWeBB7xQf4TDgqInMjUiLpPkLkWHV1xerkdA76rVktMHuA86xzNrDUtn6Lr-PVnRUHp0cGvLZMVqUVeEK76sfnvf-TJ9mUrypCX5pLFS213N7M8Y2K8kAomcb0XZ3WuYyUulgKD5iu67TiwkWHGXoi-8MdCQg3DsXtvw_ynFUDFLHBdPqOA5QeIlJD_ytSBbTZ-EYiLme09hD9jBcV_dFRiLD1MdBncGVnrgZtFgmr7iIQQ9-wz8mywBeZ_OEXQoMlqJxFeKjfKmNBpf9neA2eZCYLDMhx3uzAtncQYyVA8PTVJO8mabTozOIJxbDIjYUlXtJXnSy6k-yCt2XJfkPEXySUjGxHGHcSQaa-J7ahGN3pYOPbfYL40bAL3Vg7QY0wGj2GecMzU9P9-bdSt0BrRiDjGT34IBXLcgryxAqGnTUi&oaid=de2eddd1f382297393c9cf495cbc8157 HTTP 302
https://plinksplanet.com/click.php?key=yhv3px7zkwi0c60cfm20&clickid=b6adc010-cdbf-4be1-bc6a-6f2d1abf1dac&cost=0.002&PUB_ID=185&SUB_ID=4662728&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2023-08-23&BID_PUB=0.002&CR_ID=3651&PUB_NAME=Propeller-POP HTTP 302
https://promo.20bet.partners/redirect.aspx?pid=164519&bid=1971&lpid=419&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd HTTP 307
https://20media.world/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd HTTP 302
https://20bet.life/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd HTTP 302
https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://20bet.life/configuration.js HTTP 302
https://20bet.life/de/configuration.js

Request Chain 30

https://20bet.life/custom-assets/mainLoaderDark.gif HTTP 302
https://20bet.life/de/custom-assets/mainloaderdark.gif

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 xfdIQ Show response
seri2.swiftjourney.online/ 4 KB
1 KB 712ms
337ms Document
text/html 2a02:4780:b:739:0:2be4:9d0b:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://seri2.swiftjourney.online/xfdIQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:739:0:2be4:9d0b:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

02b132e3c48b25124b0ac29cc32020e08367960e8a64fb3c9dd6aaaea17ef263

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 938
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 22:01:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
platform: hostinger
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 6106028
chalaips.com/4/ 1 KB
2 KB 37ms
16ms Document
text/html 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://chalaips.com/4/6106028
Requested by: Host: seri2.swiftjourney.online
URL: https://seri2.swiftjourney.online/xfdIQ
Protocol: HTTP/1.1
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: * *
Access-Control-Max-Age: 86400
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf8
Date: Tue, 22 Aug 2023 22:01:55 GMT
Expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://psaugourtauy.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
Pragma: no-cache no-cache
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked
X-Trace-Id: 8135af2b0c22e4f00700098b9c2f082a

POST
H2 200 img.gif
my.rtmark.net/ 43 B
504 B 49ms
13ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=43342342a86a4e918e46fdabc989a1ae

Requested by

Host: chalaips.com
URL: http://chalaips.com/4/6106028

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: http://chalaips.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
psaugourtauy.com/ 39 KB
13 KB 106ms
75ms Document
text/html 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: chalaips.com
URL: http://chalaips.com/4/6106028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7d2c262a3202ef9787cd0c5a93b978baac093e15af6ac1132fd9aef3c8ab9017

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fae65aada1d3a85-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 22:01:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGSj4OixdZTGv6FgSUVJEGue0E0WR08uIW5wEGdE3hdy7RH%2BdfHBi1bEPlzoXR3eD4dM6U0tmaqOorkZKEVSsyqSGH3oXWzdxGVZiINO%2Fqc5jDIG3UWtjgQcywZByy1PJp5%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 13ms
12ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=de2eddd1f382297393c9cf495cbc8157

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

22088448036a679bed04da799427e03e901aba6cf3b381b328d0dfb527a08675

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
10 KB 35ms
34ms Script
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adaa40b1192088b0504135f32713af45c5f54e14d118369c424fe2beef6bb45e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 22:01:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Aug 2023 16:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e4df9a-68c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v46D5Kb17m3Ahm9v%2BTz%2FOHfMPUze8KtvRbTpKU%2FfuHNclfMFFnK6RePt%2FrvrOiuJpZvTMwaLoncqCoCOlUv04GakmIFDRpQ6JlUVDiqL6TGbU018hQYie%2FXqgB2%2FcOoMQACt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7fae65ab6ac33a85-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 32ms
32ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=6106028&var3=717973393236038307&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1f05d90d263d591cbfded662cdb53be6ca617196116ce02a5b5a75fe4ac93ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: acc509710544bbc41c400d07b04b0443
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAKUch8EvHA80Md4EiaNMUuOJVmAQQdBpjWPhi1MIjC2iDblqVkEjX5K9GkXyz8PuUI8NWvpb4NzqTJ6kL7XVk%2BCRGIIQTTgGmWRvoeQAkH4Cb0H1KkTpEqTEJP%2FDM6CnmWb"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fae65ab7ae03a85-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
psaugourtauy.com/ 2 B
559 B 38ms
38ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePzivjmyfcuTsxmWH1Ar7XaOUUkbvW3brhtLKKdRT8ybnBaKhQJvXVrajQAXIQ5agaW0qu3Y55mGH9eIrviiHYUGRZ%2Fh86OAaIXLsP31R6VwrVhKp%2F8AWPrR31TgkbzuVuQt"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7fae65ab8eb59223-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
943 B 30ms
30ms Other
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=6106028&ymid=717973393236038307&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQyXWNIfUq0s3Y4%2BK1FLSjYEmx27zoaQXFWzboeWoF4s6wZWLTaBtT9Pabbis4uwIOZky2VE90t8kvpKLjhzmPJzrFcAoi2kUjY2iIeVSgOVtXGvHt22rIj9AVHzJVs2FN%2Fu"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7fae65abbedc9223-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
480 B 32ms
32ms Ping
text/plain 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6106028&ymid=717973393236038307&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: 73f20297b1a1bfc7711dd2f046f7ba02
date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tNnJ9msV5XlHAOuNjLtHQ%2FPZbswohcmt4vPglsRVHO4UGue4Ptp9pDsZ9GgFZ4vL69HRlU82ISl5TlfggRxe6BqF9%2FBORHOT7SXq6pl6Sdl%2FLION0shChZF2fqSPrQLTgKf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7fae65abbed89223-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 13ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=717973393236038307&var=6106028

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

22088448036a679bed04da799427e03e901aba6cf3b381b328d0dfb527a08675

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone
psaugourtauy.com/ 904 B
1 KB 24ms
24ms Fetch
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6106028&ymid=717973393236038307&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 213b0a677f4a3c410d7e7e83042f7356
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oiMff8SM56z0azrEATt9QpoYi9nae2fhvRr6d1fgK0pAvA2HYCJAkFc%2FlTsErLBYTHY2ZEt5CiIpcDiN%2B4BjhTWTJ0Y9rn7%2FTqtf0iB0XvmsXHEi1ucGJbJkIztmCX8HlSH"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7fae65abcf0a9223-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 / Show response
psaugourtauy.com/ 39 KB
13 KB 77ms
76ms Document
text/html 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 24a961436009096f127c88b4c498cbf03b2225dfc14abba573754f42a0d0d506

Request headers

Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fae65abef289223-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 22:01:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKy6USoQEfyl%2BNmRa4CF8kM7kJMRX3adT0fwoSqGcuhRM42Gcp9JFdyg2FQLIixb1QV10sqPRx52thPxYmkAMRg2tfIgImlSCG3G2k3ACKwc%2Fx5cct4y3m%2FNhsbjL9wGfOxi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 micro.tag.min.js Show response
psaugourtauy.com/pfe/current/ 26 KB
10 KB 34ms
34ms Script
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adaa40b1192088b0504135f32713af45c5f54e14d118369c424fe2beef6bb45e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 22:01:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Aug 2023 16:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e4df9a-68c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOC%2Bi3RnB56hLWH7gds7HKY5s%2BN7jcQXNoRct%2Bx5%2B8CtfTQzSuqw90M8vJlHob%2BWpBzeRGJy4DXBBIc%2F9Ko1s91EQkxMwUUB8kgXzLeZtEqG4TPYymMqaIC6yf1urQPGxSHm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7fae65ac7f979223-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
psaugourtauy.com/19/4662728/ 3 KB
2 KB 24ms
23ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/19/4662728/?abt_opts=1&var=6106028&var3=717973393236038307&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

378b970b2be6b0d6a29abf5640474583268536777bed8ce7b897822354838f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: de50c447e28645264669656c2aa5a6b8
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yVklA6vADi2ZviIXy7bbKZF9DopAtIR8Cpc17yB1QuqqQfus2HvQgZB4Iu2YYBoQyKf8mgJeY9PFq7rh%2F42Qm%2FnI5LWLCSZN%2FyPf33qvqGg8P5StIkyMOMh4TvhKstnR5gp"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fae65ac8f9c9223-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
psaugourtauy.com/ 2 B
527 B 29ms
29ms XHR
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.24
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.24
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2yJ4nKUj4Gu4A4n%2BphwegRuBA0FPp98Obb4uf23yKD6dsDWJ0xprs0MmsrKwlZUa2OPRd7VOZb8B6JfT3GnuubAR%2BNJyHGoO9Ezw9%2F%2Fcsdz4FwL644r9o%2FzErQ7rDOxkPzT"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7fae65ac8fa19223-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
psaugourtauy.com/ 4 KB
4 KB 56ms
55ms Fetch
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/rhd?rb=xtPitJoRqI1egPBVvGeCysfjO_-PWwkU1hAg0pSdAEIh8UuCZSHiJM0b8thosbJGR4e-ws8QApAT0AQZkAOXSqRAt8oA9N6JDmoT7-VSDIE_ZSh9RgQXX32MUwTvAuFIb_S0krS2YjZPfIUNDU5jN7b3HZnYO2mW6z63qEVDZc9EdSJ3dvqlGsjR5UiRo20OMpK-EFi_o5Ky5VWNzvjE-nVxbxx7Bg4pBHsyZiCAY54Q06ReP5uLKSU0WCuM6Iyrv-eIcR9Pf5vyueu06atNB9mrgqgkBMYEr6u1L2Q6w2qmsRjN64eL8IcwUf3J_ExjlotSQR2AzETCrw1HLFBizy3Y6LQHv48-tBzmvP6XyO_sT74aD6u2RLdyBTHLYOLRBm7qQeXN10YLbdAtC4bluVPMRkBJ4SlL8e0QijGhLbHKyFyiXov_an2dT6fpAsNT4GfhgXjMBm_Snju-Fj7Fq34EXlzBqDrXhfrl4orqnlXqYpWY&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D717973393236038307%26ssk%3D9581c99cb83da03c58131ea7c22606dc%26svar%3D1692741715%26z%3D6106028%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fpsaugourtauy.com%2F%3Fs%3D717973393236038307%26ssk%3D9581c99cb83da03c58131ea7c22606dc%26svar%3D1692741715%26z%3D6106028%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6106028&var3=717973393236038307&ymid=&rhd=1&m=link

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3342cfc5f44c3c11c6dc0f70891bc910d853ac230312a64410db9071cac729b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: f06e23627d278556cf72f15732f9d180
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F8BujS%2BPEmF%2Fu3b%2Bn%2FXcyGmKR%2FWu2Dv%2BCZwLmE0C7VJzh4cDw3aWSLpVW5MoGcHFPzLVlE%2BSO%2Br1oXAXALi8e3Fy%2B8NYVTErqDtkFHUet39x56PfyhrnOeRWBtUdZHeU2mB"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fae65acbfc39223-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
psaugourtauy.com/sw-check-permissions/ 0
943 B 31ms
31ms Other
application/javascript 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://psaugourtauy.com/sw-check-permissions/4662709?var=6106028&ymid=717973393236038307&uhd=1
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTEzJmG9efqHPGZNE11VhOHaoTvWl2TQr92FAVQcc6EjSW%2F4NYZqnBLJHIaogAMJvhNFiwgxMsbTqO9njmr06qL%2FN1m50S1ipASYXy7J8iKdHKrksXG2TpLmvAOeYGQu20YO"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 7fae65acbfd69223-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
psaugourtauy.com/ 0
480 B 20ms
20ms Ping
text/plain 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6106028&ymid=717973393236038307&var_3=&var_4=&dsig=&action=prerequest

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: 64d9529cd7d72097a451d0a332e6427b
date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfI5eJa0P36ADI%2B4CaqfeGNbTGSXNqtaIOVFD4NrO15q%2BYb1SosCer3%2F8m7HJcVmCl9RhCbxwam756yF4%2BmAFpzXqDn4i4yAw56MieQzjlu0jSU1H6Igw0m5E3W3xrQ1IQXT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
access-control-allow-credentials: true
cf-ray: 7fae65acbfd79223-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 14ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=717973393236038307&var=6106028

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

22088448036a679bed04da799427e03e901aba6cf3b381b328d0dfb527a08675

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://psaugourtauy.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
psaugourtauy.com/ 904 B
1 KB 22ms
21ms Fetch
application/json 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=psaugourtauy.com&var=6106028&ymid=717973393236038307&var_3=&var_4=&dsig=&action=settings

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/pfe/current/micro.tag.min.js?z=4662709&ymid=717973393236038307&var=6106028&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a39e1ce9aac7f0c8d43c22e942fe02a7a401ddd1f3c9578672a14010f40f336

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 3a387da35045806ae1ea960ce6cc17b2
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7Vg75bTQpCGvVCzreA7aaTTvYOfsRogWNqyfOy3h9dwf7WRqgTKkLp8hPHW5KDkY9%2BzT8iPaXKcsRbE2Ev5fqQKLrNjpiUScqvAf18xXuqviWUpJNpWdkBWh%2FsJo3w8RNXQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7fae65accfe19223-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

Primary Request registration Show response
20bet.life/de/
Redirect Chain

https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=iMx9OUWdWAZ8d8DkW8uFoTsa4fO2Nw-y3bBIroLCH0YT_LFE8HmSajBEQd1qvlN1xuWPdZnvzxPTZ27CQuIAnTQyXcnRYrpXMqydNjgepxdIfvqBetKCltBIRk2UZKowjg4ViuvDm2M...
https://plinksplanet.com/click.php?key=yhv3px7zkwi0c60cfm20&clickid=b6adc010-cdbf-4be1-bc6a-6f2d1abf1dac&cost=0.002&PUB_ID=185&SUB_ID=4662728&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2023-08-23&BI...
https://promo.20bet.partners/redirect.aspx?pid=164519&bid=1971&lpid=419&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-p...
https://20media.world/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-...
https://20bet.life/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-Not...
https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-...

34 KB
9 KB

265ms
265ms

Document
text/html

2606:4700:20::681a:b66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
Requested by: Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb207ac693f5cda19ea4d289c2a2ef469d874bc7c6f9b99c0c567453c2bba2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7fae65b32d7b5b2c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 22:01:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTticdG9Q8BF2ArUKo0PhGQMpGZIuuv5kVv7vbaftUXsKXvzwXS8NcAgPB%2BgS1T97GF3Qn%2FpFxDT6NZs%2FO7ejT2EUpY8sKYF444Wm2lR1YOa6E95TBM2fRvRz%2Bkm7D%2BMW6yWndncNPs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7fae65b2bd3e5b2c-FRA
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 22:01:56 GMT
location: /de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fp0MiapCBrXwBzNpAf%2F5EL5pUynifytCCmlS8asmkRSNgjsXnhlzyCC9ooOTOpYuyyOYZ5QVOhQlvLimagNFDPO%2Bz1wrjH95OM3FQNu1CnYp%2Bs8Gy5uXl5QTSgaz2eIpk1e2irlTVSU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 cat.php
psaugourtauy.com/ 0
757 B 21ms
21ms Ping
text/plain 172.64.133.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://psaugourtauy.com/cat.php?iine=1&userId=de2eddd1f382297393c9cf495cbc8157&zoneid=4662728&rb=xtPitJoRqI1egPBVvGeCysfjO_-PWwkU1hAg0pSdAEIh8UuCZSHiJM0b8thosbJGR4e-ws8QApAT0AQZkAOXSqRAt8oA9N6JDmoT7-VSDIE_ZSh9RgQXX32MUwTvAuFIb_S0krS2YjZPfIUNDU5jN7b3HZnYO2mW6z63qEVDZc9EdSJ3dvqlGsjR5UiRo20OMpK-EFi_o5Ky5VWNzvjE-nVxbxx7Bg4pBHsyZiCAY54Q06ReP5uLKSU0WCuM6Iyrv-eIcR9Pf5vyueu06atNB9mrgqgkBMYEr6u1L2Q6w2qmsRjN64eL8IcwUf3J_ExjlotSQR2AzETCrw1HLFBizy3Y6LQHv48-tBzmvP6XyO_sT74aD6u2RLdyBTHLYOLRBm7qQeXN10YLbdAtC4bluVPMRkBJ4SlL8e0QijGhLbHKyFyiXov_an2dT6fpAsNT4GfhgXjMBm_Snju-Fj7Fq34EXlzBqDrXhfrl4orqnlXqYpWY&var=6106028&var3=717973393236038307&ymid=&rhd=1

Requested by

Host: psaugourtauy.com
URL: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.133.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://psaugourtauy.com/?s=717973393236038307&ssk=9581c99cb83da03c58131ea7c22606dc&svar=1692741715&z=6106028&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 22 Aug 2023 22:01:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 0a362d4255fc269500b42cec5ca5d52f
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M2uxsx9lq2ay%2Bjv6E5B6pZ8U3eh38Q1mKgMLmliwRjYpryGIdbQ4xMbqsySGHe5EH%2FRwxpWRSCf0dBUzs00MIEdwieBg%2BP9DG8H9pGlVsl4JCVpdiOaYj%2BYhujq%2B%2BlNRJTf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://psaugourtauy.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fae65b00bcd9223-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic

Requested by

Host: 20bet.life
URL: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20bet.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 22:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:49:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 22:01:57 GMT

GET
H2 200 styles.bab33073289d0de5.css
20bet.life/app/ 160 KB
34 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:b66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://20bet.life/app/styles.bab33073289d0de5.css
Requested by: Host: 20bet.life
URL: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0928f4e3f60dcdb526bf847078d64bb5ffc5156724719b5f7f3736d817d6e786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:57 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 21 Aug 2023 10:22:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e33b01-28016"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzONbpSTZZESVPoKo%2BVB5RdWZr2pO%2Fs5kObdVdYh9ChkQLnjaMB%2FXQKeUv35BaMpg6JHsyVtdJRxyCFpAo0d5Na15qGgKG9V1qrnJK3jnRw2ymHE1aOQ%2B2zVLJxhEhW2LLEF7iQgeog%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7fae65b51eb25b2c-FRA

GET
H2 200 sg.js Show response
casino.cur.a8r.games/public/ 8 KB
2 KB 43ms
18ms Script
text/javascript 104.18.41.153

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.cur.a8r.games/public/sg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.153 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b5cc1833da315d0f93fb15fa5589b7b5e9f10965eaebb8cfca11c8847c4fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20bet.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 21:00:47 GMT
server: cloudflare
age: 3670
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7fae65b54af139ce-FRA
expires: Wed, 23 Aug 2023 02:01:57 GMT

GET
H2 200 agent.js Show response
cdn.seon.io/js/v4/ 310 KB
109 KB 64ms
16ms Script
application/javascript 18.173.154.35

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seon.io/js/v4/agent.js
Requested by: Host: 20bet.life
URL: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.35 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20bet.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
content-encoding: gzip
via: 1.1 d45f06116647d4cd21c9ad69cb1b14fc.cloudfront.net (CloudFront)
date: Tue, 22 Aug 2023 21:54:01 GMT
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 479
x-amz-server-side-encryption: AES256
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Z-La1UeP7fedQ6xwCPosn_ohBQnaa4nAghE2COUShyHZTiPuHwt3vQ==

GET
H2

200

configuration.js Show response
20bet.life/de/
Redirect Chain

https://20bet.life/configuration.js
https://20bet.life/de/configuration.js

5 KB
2 KB

151ms
151ms

Script
text/javascript

2606:4700:20::681a:b66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://20bet.life/de/configuration.js
Requested by: Host: 20bet.life
URL: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
Protocol: H2
Server: 2606:4700:20::681a:b66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c20aacdc31c6366b94adc99d39582c46b07860215e8c0c21c207b1a3a953b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20bet.life/de/registration?btag=655020_09B7904B64254408BE090B56156CE45A&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&utm_term=Ubidex-20bet-DE-NotReg-pop-FTDCasino-449&subid=d1c4cfngx3ve2a29dd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:57 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUTKO7dJ16CLHVtJFbBBKyG0ubMCYAKdoehpXLevgyP3X5aEVh9TKV9GoXM9yZhqr9WuAjuD1975h3RLdb2g7m7wYr%2BgNN9l4v5F%2F48YUQ4kofGNb8j2Ves7qdnVUH1czjdNA%2FDyu2g%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
cf-ray: 7fae65b5aef85b2c-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

date: Tue, 22 Aug 2023 22:01:57 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
location: /de/configuration.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzjn1gsknVLgYR%2BD4%2BuDGqpJYczdwTHRgZsajM9gxV8gQutH4SSIFDtv3Dj%2FgCaru8XGLpP9LXaiVeNuka90x6UM4WeQELkxxaJbtIB%2F32BXkNpB%2Bjxn45R%2BCEv8wjElCIcZh%2FqPkEA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7fae65b51eb35b2c-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 48ms
22ms Script
application/javascript 2606:4700::6812:d63b

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20bet.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:01:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2097
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7fae65b5ded6363e-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 25 Aug 2023 22:01:57 GMT

GET

mainloaderdark.gif
20bet.life/de/custom-assets/
Redirect Chain

https://20bet.life/custom-assets/mainLoaderDark.gif
https://20bet.life/de/custom-assets/mainloaderdark.gif

0
0

GET v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://20bet.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 518021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET gtm.js
www.googletagmanager.com/ 0
0

GET hotjar-2053477.js
static.hotjar.com/c/ 0
0

GET tag-manager.js
tm.ads.sportradar.com/dist/ 0
0

GET ua-sdk.min.js
aswpsdkus.com/notify/v1/ 0
0

GET track.js
assets.customer.io/assets/ 0
0

GET widgetloader
ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/ 0
0

GET get
20bet.life/api/translation/ 0
0

GET OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 20bet.life
URL: https://20bet.life/de/custom-assets/mainloaderdark.gif

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55HKBB7

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2053477.js?sv=6

Domain: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAACT

Domain: aswpsdkus.com
URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js

Domain: assets.customer.io
URL: https://assets.customer.io/assets/track.js

Domain: ws-cdn001.akamaized.net
URL: https://ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader

Domain: 20bet.life
URL: https://20bet.life/api/translation/get?locale=de_AT

Domain: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
seri2.swiftjourney.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 85f2604d75484f8bae3d6efa8a8e7fd2
seri2.swiftjourney.online/	1970-01-20 14:12:22	Name: short_106359 Value: 1
chalaips.com/	1970-01-20 22:57:57	Name: OAID Value: 43342342a86a4e918e46fdabc989a1ae
chalaips.com/	1970-01-20 22:57:57	Name: oaidts Value: 1692741715
my.rtmark.net/	1970-01-20 22:57:57	Name: ID Value: 43342342a86a4e918e46fdabc989a1ae
psaugourtauy.com/	1970-01-20 22:57:57	Name: oaidts Value: 1692741715
psaugourtauy.com/	1970-01-20 23:48:21	Name: syncedCookie Value: true
psaugourtauy.com/	1970-01-20 22:57:57	Name: OAID Value: de2eddd1f382297393c9cf495cbc8157
psaugourtauy.com/	1970-01-20 14:12:25	Name: reverse Value: B0qnHafGtiTT52WGWCZay5tGblof_8up0Drk0ihxZLY
psaugourtauy.com/	1970-01-20 14:12:21	Name: prefetchAd_4662728 Value: true
plinksplanet.com/	1970-01-20 14:13:48	Name: uclick Value: fngx3ve2a2
plinksplanet.com/	1970-01-20 14:13:48	Name: uclickhash Value: fngx3ve2a2-fngx3ve2a2-fvtl-0-j2g6-hefvbl-irpm6o-be8139
.20bet.partners/	1970-01-20 23:48:21	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a164519%2c%22BID%22%3a1971%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1692741716829)%5c%2f%22%2c%22CookieTag%22%3a%2219711645193659%3abfde%3abc51%3a2101%3a00d3%3a02%3a8ca%3a1002C2023822221%22%7d%5d
.20bet.partners/	1970-01-20 23:48:21	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%221862071875%7c1%22%7d%5d
20bet.life/	1969-12-31 23:59:59	Name: preferred-language Value: de
20bet.life/	1970-01-20 14:55:40	Name: btag Value: 655020_09B7904B64254408BE090B56156CE45A
20bet.life/	1970-01-20 14:55:40	Name: subid Value: d1c4cfngx3ve2a29dd
20bet.life/	1970-01-20 14:55:40	Name: utm_campaign Value: Ubidex-20bet-DE-NotReg-pop-FTDCasino-449
20bet.life/	1970-01-20 14:55:40	Name: utm_medium Value: Ubidex
20bet.life/	1970-01-20 14:55:40	Name: utm_source Value: retarget
20bet.life/	1970-01-20 14:55:40	Name: utm_term Value: Ubidex-20bet-DE-NotReg-pop-FTDCasino-449

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20bet.life
20media.world
assets.customer.io
aswpsdkus.com
casino.cur.a8r.games
cdn.onesignal.com
cdn.seon.io
chalaips.com
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
plinksplanet.com
promo.20bet.partners
psaugourtauy.com
seri2.swiftjourney.online
static.cloudflareinsights.com
static.hotjar.com
tm.ads.sportradar.com
track-eu.trackingtraffo.com
ws-cdn001.akamaized.net
www.googletagmanager.com
20bet.life
assets.customer.io
aswpsdkus.com
cdn.onesignal.com
static.cloudflareinsights.com
static.hotjar.com
tm.ads.sportradar.com
ws-cdn001.akamaized.net
www.googletagmanager.com
104.18.41.153
139.45.195.8
139.45.197.242
162.55.236.100
172.64.133.20
18.173.154.35
2606:4700:20::681a:b66
2606:4700::6812:d63b
2620:1ec:46::45
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2003
2a02:4780:b:739:0:2be4:9d0b:10
3.126.81.211
49.12.123.158
02b132e3c48b25124b0ac29cc32020e08367960e8a64fb3c9dd6aaaea17ef263
0928f4e3f60dcdb526bf847078d64bb5ffc5156724719b5f7f3736d817d6e786
22088448036a679bed04da799427e03e901aba6cf3b381b328d0dfb527a08675
24a961436009096f127c88b4c498cbf03b2225dfc14abba573754f42a0d0d506
3342cfc5f44c3c11c6dc0f70891bc910d853ac230312a64410db9071cac729b4
378b970b2be6b0d6a29abf5640474583268536777bed8ce7b897822354838f3d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312
7c20aacdc31c6366b94adc99d39582c46b07860215e8c0c21c207b1a3a953b52
7d2c262a3202ef9787cd0c5a93b978baac093e15af6ac1132fd9aef3c8ab9017
8bb207ac693f5cda19ea4d289c2a2ef469d874bc7c6f9b99c0c567453c2bba2b
9a39e1ce9aac7f0c8d43c22e942fe02a7a401ddd1f3c9578672a14010f40f336
adaa40b1192088b0504135f32713af45c5f54e14d118369c424fe2beef6bb45e
b1f05d90d263d591cbfded662cdb53be6ca617196116ce02a5b5a75fe4ac93ae
b6b5cc1833da315d0f93fb15fa5589b7b5e9f10965eaebb8cfca11c8847c4fd6
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

20bet.life Open in urlscan Pro 2606:4700:20::681a:b66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

70 %HTTPS

43 %IPv6

21 Domains

21 Subdomains

11 IPs

3 Countries

244 kBTransfer

701 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

20bet.life Open in urlscan Pro
2606:4700:20::681a:b66 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

70 %
HTTPS

43 %
IPv6

21
Domains

21
Subdomains

11
IPs

3
Countries

244 kB
Transfer

701 kB
Size

21
Cookies

40 HTTP transactions
2 data transactions