Submitted URL: http://illegales-gluecksspiel.de/
Effective URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Submission: On June 26 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 15 domains to perform 31 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.tes-partner.de.
TLS certificate: Issued by R11 on June 7th 2024. Valid for: 3 months.
This is the only time www.tes-partner.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:238:20a:... 6724 (STRATO ST...)
1 34.249.200.254 16509 (AMAZON-02)
10 172.64.153.29 13335 (CLOUDFLAR...)
1 104.16.116.18 13335 (CLOUDFLAR...)
1 52.222.232.47 16509 (AMAZON-02)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 217.160.242.202 8560 (IONOS-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.222.201.64 16509 (AMAZON-02)
3 81.173.115.248 8560 (IONOS-AS ...)
1 142.250.185.162 15169 (GOOGLE)
1 217.160.192.223 8560 (IONOS-AS ...)
1 1 172.217.16.194 15169 (GOOGLE)
1 1 142.250.186.164 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
31 14
Apex Domain
Subdomains
Transfer
10 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 9031
578 KB
4 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 15924
106 KB
3 ionoscloud.com
s3-eu-central-1.ionoscloud.com — Cisco Umbrella Rank: 674136
160 KB
3 jupus.de
app.jupus.de
chat.bot.jupus.de
32 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
177 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
41 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
24 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
8 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 anwalt.de
widget.anwalt.de
www.anwalt.de Failed
8 KB
1 tes-partner.de
www.tes-partner.de
18 KB
1 illegales-gluecksspiel.de
illegales-gluecksspiel.de
152 B
31 15
Domain Requested by
10 cdn.prod.website-files.com www.tes-partner.de
cdn.prod.website-files.com
4 uploads-ssl.webflow.com cdn.prod.website-files.com
3 s3-eu-central-1.ionoscloud.com app.jupus.de
s3-eu-central-1.ionoscloud.com
2 app.jupus.de www.tes-partner.de
2 www.googletagmanager.com www.tes-partner.de
www.googletagmanager.com
2 cdnjs.cloudflare.com www.tes-partner.de
1 www.google.de www.tes-partner.de
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 chat.bot.jupus.de s3-eu-central-1.ionoscloud.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.jsdelivr.net www.tes-partner.de
1 d3e54v103j8qbb.cloudfront.net www.tes-partner.de
1 widget.anwalt.de www.tes-partner.de
1 www.tes-partner.de
1 illegales-gluecksspiel.de 1 redirects
0 www.anwalt.de Failed www.tes-partner.de
31 17

This site contains links to these domains.

Domain
www.anwalt.de
Subject | Issuer | Validity | Valid
www.tes-partner.de | R11 | 2024-06-07 - 2024-09-05 | 3 months
prod.website-files.com | WE1 | 2024-06-25 - 2024-09-23 | 3 months
anwalt.de | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
app.jupus.de | E5 | 2024-06-13 - 2024-09-11 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
uploads-ssl.webflow.com | Amazon RSA 2048 M02 | 2023-07-29 - 2024-08-26 | a year
cmc.ionos.com | GeoTrust TLS RSA CA G1 | 2024-02-13 - 2024-08-14 | 6 months
*.googleadservices.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
chat.bot.jupus.de | R3 | 2024-05-06 - 2024-08-04 | 3 months

This page contains 1 frames:

Primary Page: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Frame ID: 16D868DEE06077F5B84E94D148E2B413
Requests: 33 HTTP requests in this frame

Page Title

Rückforderung von Online-Sportwetten-Verlusten

Page URL History

  1. http://illegales-gluecksspiel.de/ HTTP 307
    https://illegales-gluecksspiel.de/ HTTP 301
    https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

31
Requests

94 %
HTTPS

19 %
IPv6

15
Domains

17
Subdomains

14
IPs

4
Countries

1162 kB
Transfer

2311 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=648859968.1719408719&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChAI8PjuswYQ6ZuRiafnvvBLEh0AkD9wHYrl0cz63RRRZgD0GUdg_1TFmpwa677uMw&pscrd=IhMIpey-z7D5hgMVUxCiAx0VLwjqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=648859968.1719408719&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIpey-z7D5hgMVUxCiAx0VLwjqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooL-t4K0ITDq-3hEC0bDPg3ddQL-HvM-w&eitems=ChAI8PjuswYQ6ZuRiafnvvBLEh0AkD9wHRweNSKAFVlB3poqSo25osL93NMlTanJcw&random=381991667 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=648859968.1719408719&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIpey-z7D5hgMVUxCiAx0VLwjqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooL-t4K0ITDq-3hEC0bDPg3ddQL-HvM-w&eitems=ChAI8PjuswYQ6ZuRiafnvvBLEh0AkD9wHRweNSKAFVlB3poqSo25osL93NMlTanJcw&random=381991667&ipr=y

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ruckforderung-von-online-sportwetten-verlusten
www.tes-partner.de/landingpages/
Redirect Chain
  • http://illegales-gluecksspiel.de/
  • https://illegales-gluecksspiel.de/
  • https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
74 KB
18 KB
Document
General
Full URL
https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
63a7a2011a207625617246982dbe0a3d0acbadbee0675f835b6dea5e0ee48dfe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
74949
content-encoding
gzip
content-length
17911
content-type
text/html
date
Wed, 26 Jun 2024 13:31:58 GMT
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
HIT, HIT
x-cache-hits
10, 0
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
559d3c7f-0922-4804-8ab1-db751fb10672
x-served-by
cache-iad-kiad7000075-IAD, cache-dub4327-DUB
x-timer
S1719408719.690890,VS0,VE1

Redirect headers

content-length
294
content-type
text/html; charset=iso-8859-1
date
Wed, 26 Jun 2024 13:31:58 GMT
location
https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
server
Apache/2.4.59 (Unix)
tes-partner.webflow.1ae1e6f07.css
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/
126 KB
21 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5eebb4ce08331aebf671936df566305e6297a7d71d2fba3628995256b8bfc75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
content-encoding
gzip
x-amz-version-id
iz5L_M3LWjzFeuKq3eISYZjRQaelJyH6
cf-cache-status
HIT
x-amz-request-id
SBATTESAF9NTCBJA
age
72513
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
21041
x-amz-id-2
3DqGV5ekupymeqZpYEZr+lY1jSR1wBziRQ5FlOyAvQ7rqtYObyKy0w2JgdSVanJ/Ku6qhlfkSfKH6wnZAFW+osqNEj4Q9wlFoqN0E3UVE6A=
last-modified
Tue, 25 Jun 2024 16:37:50 GMT
server
cloudflare
etag
"5cc11fb6853158bad583d4166c53389a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
899d8f8c4c913662-FRA
664de85d10ce32129e2627f8_sportwetten-p-800.webp
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
87 KB
88 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/664de85d10ce32129e2627f8_sportwetten-p-800.webp
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7afe54babcd1834c4fb9410734637b200ebefd139c26a2d44c0bb37db25690

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
x-amz-version-id
yevXjxWYmy.Gx_Y.pC3p24nUZ3m5fW8G
cf-cache-status
HIT
x-amz-request-id
6270BEYFKX2NKETX
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
89232
x-amz-id-2
5Ho8sh5ItyB5pJ3xsNqawtrO25NunkRszPfKodKlXaoLZi7BPR85VR/wUhswTrLYbbYoXwFJCpQ=
last-modified
Wed, 22 May 2024 12:43:13 GMT
server
cloudflare
etag
"f89dd74d42535f5e933185e7d31854e4"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
899d8f8c4c953662-FRA
65f854c821bff59db27cd2c6_Anwaltsbereich-p-800.webp
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
30 KB
30 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65f854c821bff59db27cd2c6_Anwaltsbereich-p-800.webp
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919bd13edb1d5f4f450a621d9755268819d58a77b3c3bffa6c41114ef671fbbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
x-amz-version-id
lh43IbL4PXeshqd_oVw9gkthUg0Gn3ds
cf-cache-status
HIT
x-amz-request-id
V41QNAS2MWRWFGTC
age
156438
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
30576
x-amz-id-2
fU+ZP+xhhThz8yMgFFbW+i9gF+YLj538A+5EKeMMpP2Aus0/Z4iX4i02kkhdRjNwdUSWnyVyPq0=
last-modified
Mon, 18 Mar 2024 14:50:50 GMT
server
cloudflare
etag
"63eddb6c838b8fa41bb9ea0a29484c9c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
899d8f8c4c993662-FRA
get.js
widget.anwalt.de/anzeigen-von-google-sternen/107/id/234740/
37 KB
8 KB
Script
General
Full URL
https://widget.anwalt.de/anzeigen-von-google-sternen/107/id/234740/get.js?v=2
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.116.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ecfc2dcc97e5f80b73c2ddcb511fdecd9da5fa7a4ebe9c79f9309f0bb8672e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 26 Jun 2024 13:31:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
899d8f8cc90f5be1-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=653284ded15c4bf1199cdb59
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 02:54:49 GMT
content-encoding
gzip
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
age
46044
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
Wa4J7l6XzWSMXUCKJVHKcYSKjZW5LL-UoLqb1ee07Uu7Zpy1h1j22Q==
webflow.6064ae28a.js
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/js/
629 KB
172 KB
Script
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/js/webflow.6064ae28a.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35bfec210b5751fb77b466e0673ff1b4f8b6a8f835d5b8cbd45a376b2a80311

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
content-encoding
gzip
x-amz-version-id
2ph7S9IMp.f9QY0pH9pQBEUF6EZOcRFZ
cf-cache-status
HIT
x-amz-request-id
SBAQ2405944DMA42
age
65699
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
175390
x-amz-id-2
1MvPCaGynEQiHx6w8A7SRzC+Fq2RntdLHHW5B8YNJDDydHF0E5iAWJh6GOe84Cl3lxqrqshr4Bo=
last-modified
Tue, 25 Jun 2024 16:37:51 GMT
server
cloudflare
etag
"507b835e48b5c1689de5207fe8749cbe"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
899d8f8c9d103662-FRA
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/
70 KB
25 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
56152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25280
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-62c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyRQx%2BxcBAWE7lo0vDuFihZ8jhAAYWMy4pYXjDXEM2bKqyfU4rjisb43fdEAhhXqzG7Fx%2FxTVy%2BOXkAjCfkSJ5uyzBcqgRJOzSv4SBY%2Be7vhYXTxj5brDThU7NhJpnKU%2FOcBcIVq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
899d8f8cb8949b83-FRA
expires
Mon, 16 Jun 2025 13:31:58 GMT
ScrollTrigger.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/
42 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ScrollTrigger.min.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f6c13748b0c8d8f9eabd0373a130ac293b3f16bf34aaa946d953980372b932
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1073923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15693
last-modified
Wed, 28 Jun 2023 20:03:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"649c91f5-3d4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5IEl4xHhrCWHzKpE9zuzA9ikFsWsSFzlwi4otWMMbkdF2piJEqyyKkQIi04XZglPkewg3mqbPudQSst0eyzMwX6eDWbaSTTmPPycSCVms8xKGRejo%2FiIxByIWST1A7%2BE6aspPSG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
899d8f8cb8919b83-FRA
expires
Mon, 16 Jun 2025 13:31:58 GMT
gtm.js
www.googletagmanager.com/
242 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKJ832SB
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c16e5850f342adba243636bfa7a4af369e08d2971fbb4aa6aadab38eccd0590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88237
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 13:31:58 GMT
0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
app.jupus.de/chat/embed/
21 KB
22 KB
Script
General
Full URL
https://app.jupus.de/chat/embed/0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.160.242.202 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
8d29478ef71715bc4a4afeab6adefe4646d2474f061ceeea44f2deb4212a557a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
server
Caddy, gunicorn
cross-origin-opener-policy
same-origin
vary
Cookie
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
alt-svc
h3=":443"; ma=2592000
content-length
21858
expires
Wed, 26 Jun 2024 13:31:58 GMT
a11y.js
cdn.jsdelivr.net/npm/@finsweet/attributes-a11y@1/
18 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-a11y@1/a11y.js
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349e32f7cb06b27397838ede815888e9639bdf983333a90d53588b4487f8b729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27384
x-jsd-version
1.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7362
x-served-by
cache-fra-eddf8230034-FRA, cache-lga21943-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"49e1-s9chr9r18bFpcjiHfbSTZd91NSs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5KBd5NZAW3mSUbRY7Dw7Q1%2FhM19gQipTlix1u2QCZYciEvWdaLHcZepYgUFz37mYhi7aaLiNZQxR%2FNwPGUYZvh%2FvZU5FGSHLvUG3GX7trF%2BwE130KGVYcq9v6YyDIZpit0bHaJIeJ%2FPf6M8zBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
899d8f8ce86fbc04-FRA
65bcd40622f3f674d4bf2294_Frankfurt_standort.jpg
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
105 KB
105 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65bcd40622f3f674d4bf2294_Frankfurt_standort.jpg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e31cfbd7bce0f0345bf28cbb19804c0bb36cb6c83a40f33b4b78073ae4e456

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
x-amz-version-id
W46DYKZ9.K_q9o5T1e4Cv9XWyGidPT4X
cf-cache-status
HIT
x-amz-request-id
9W4ME89AD4AEG9RG
age
1203724
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
107135
x-amz-id-2
rfs9vhSJvBfwjAqF0uNz0H5OIfFcX921OiN9Gly1sylDDzkDv5oSvZHHTG+gRf19zxEQUZrajE0=
cf-bgj
h2pri
last-modified
Fri, 02 Feb 2024 11:37:43 GMT
server
cloudflare
etag
"b312dbe71932574c74a1f25cb7304be9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
899d8f8ccd533662-FRA
65bcd40648baf02527af4afd_BadSoden_standort.jpg
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
130 KB
130 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65bcd40648baf02527af4afd_BadSoden_standort.jpg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34965fc51e439cb0247d875d1be7f6405c775c54323d58f3f87c9f129e477b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
x-amz-version-id
DkgYLEcqK4yktU7FJszJMmCWMRblgyGL
cf-cache-status
HIT
x-amz-request-id
9W4GTJ81G0DMRHDC
age
555
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
133033
x-amz-id-2
B7Uru3N9myZlHJP3NDAykw3XqKQKrhfVtJpK13CN9U3Kb9Dfqh1d4u4XQRmqYsO2qXxR31mVgLg=
cf-bgj
h2pri
last-modified
Fri, 02 Feb 2024 11:37:43 GMT
server
cloudflare
etag
"c2aaf0579ed5f3aa25f18de35b6829bc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
899d8f8ccd573662-FRA
6532da2c0668196c73ef48ad_Satoshi-Medium.woff2
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
25 KB
26 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/6532da2c0668196c73ef48ad_Satoshi-Medium.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.201.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-201-64.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 07:25:19 GMT
x-amz-version-id
8y4moZ4ENzEcRKHn1zn7qhvNucKGD.rN
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
age
4082800
x-amz-cf-pop
CDG50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25596
last-modified
Fri, 20 Oct 2023 19:51:09 GMT
server
AmazonS3
etag
"cd790237ed63c56b30aa8fb9d99a7563"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
5JrO4MnHJ_Hy11aG-SGtYI9zwjnfRYF8d_uNHicjWxY8OWGoEPLOnQ==
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
6532da2cb8b841ba0baa35f3_Satoshi-Bold.woff2
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
25 KB
25 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/6532da2cb8b841ba0baa35f3_Satoshi-Bold.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.201.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-201-64.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
353a7fbfb4475f0c31470a7449226006cb64211c71055ca9db860a8acdaa9f68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 00:51:56 GMT
x-amz-version-id
6D3ise9uTsVdadelgIXy__N_SBhLOFEL
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
age
4452003
x-amz-cf-pop
CDG50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25328
last-modified
Fri, 20 Oct 2023 19:51:09 GMT
server
AmazonS3
etag
"d4db658f4dd63bc2d0d84f325a341e29"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
8xadpudOSaLoHMpmrz7xuhqR0LASS-gTtPViJ_Ub8N2o7gaPwTl-UA==
65415cd504d25f4e83e578db_Gambetta-SemiboldItalic.ttf
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
69 KB
29 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/65415cd504d25f4e83e578db_Gambetta-SemiboldItalic.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.201.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-201-64.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05e5c6e5a8ffef889578221e4cfa1e766645416c0e34943b1db1d4082cb86f86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 05:46:34 GMT
x-amz-version-id
xgjHiBooPSpOn_zKeoLX4hkenvGg1HkG
content-encoding
gzip
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
age
4520724
x-amz-cf-pop
CDG50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 31 Oct 2023 20:00:23 GMT
server
AmazonS3
etag
W/"ed80a982a8fb986bb9df6a6274e9d67f"
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
qjl2lq9dc5S-3dB9TzXAXnJVXaSnJVtWjDMTH5n_yXGBzuY0uJi4BA==
6532da2c81db66ea7318142b_Satoshi-Regular.woff2
uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/
25 KB
25 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/653284ded15c4bf1199cdb59/6532da2c81db66ea7318142b_Satoshi-Regular.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/css/tes-partner.webflow.1ae1e6f07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.201.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-201-64.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50dca57f0b77918e0fb7dac998c3f5ef6b0c2a29657da97658a04f98ac532fc5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.tes-partner.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 07:25:19 GMT
x-amz-version-id
mlX2qUpm4ZVcWeJRZAo8vLzKg9.r0BG2
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
age
4082800
x-amz-cf-pop
CDG50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25516
last-modified
Fri, 20 Oct 2023 19:51:09 GMT
server
AmazonS3
etag
"71a6023c087c936859024eb16ec7a519"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
gpkbNHBHVb7lKRNMnhOzlYYYwfF0ow_ueCXTpgnqY3tB-XeplGUSvA==
65fc467e6a3ffc14e095f304_logo-dark.png
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
28 KB
29 KB
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65fc467e6a3ffc14e095f304_logo-dark.png
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c4e4fb3a83b60cb236ec850902f77cc5b2bebe4134045f922b1bec5faa69e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:58 GMT
x-amz-version-id
9D6vtXXC0rOMsoeE1Pz_Oq0RbeAmMiKi
cf-cache-status
HIT
x-amz-request-id
SEB83B65KDXW9X42
age
1972088
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
28845
x-amz-id-2
G8VWCiFsrBUB1oV3mqZi8PJqge5Z7fgcalk99lS/ISqChrJt8YyCb69EcnE0oINmeMU38y1bWVE=
last-modified
Thu, 21 Mar 2024 14:38:55 GMT
server
cloudflare
etag
"2dfa68aec14e00db2777fd56ef01bc9e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
899d8f8d2ddc3662-FRA
664dc649e479664fe6f7369c_checkmark.webp
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
286 B
666 B
Image
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/664dc649e479664fe6f7369c_checkmark.webp
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8266f44fbd7df75879580475d88ecd8506d728223cffa77db2a5fb66f596afa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
x-amz-version-id
GLve1aXNf0VlqT2opDLEY895wVNhmO7Q
cf-cache-status
HIT
x-amz-request-id
PBD8NXK9EHZ0D27Y
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
286
x-amz-id-2
Sn1j2ic/soFhZHUEGLVUtjrBX+Q6sdBVHposlYWIXpI+029uQdR9bp5sK58sA988v4hp0tFphLM=
last-modified
Wed, 22 May 2024 10:20:09 GMT
server
cloudflare
etag
"2bd716769e316da1f1fd0d74425aca91"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
cf-ray
899d8f8d2de03662-FRA
65412ed26b34d95e86908510_Animation%20-%201698770607305.json
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
5 KB
1 KB
XHR
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/65412ed26b34d95e86908510_Animation%20-%201698770607305.json
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/js/webflow.6064ae28a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b4eb4da43752117f5e6afbb54b25c7e0a6e8db87ba7d9b39fedd8059262832

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
x-amz-version-id
aJWRMG2017x9qb4fqbYlYYZO2EnW9Tuq
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8SEB8NF35NAC564D
age
191141
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3QmFOsaF4BQ1kRnW5eQ5OPekOfok/bTmI4luMKoKjTJJ9Ere8qyPhgfYxaJTU+sxvoR61MzBiFA=
last-modified
Tue, 31 Oct 2023 16:44:04 GMT
server
cloudflare
etag
W/"3fc7189333fcfd840af3d8482c03a97e"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
899d8f8de9a21981-FRA
destination
www.googletagmanager.com/gtag/
260 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11468688615&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKJ832SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78fcfe56fbfac851a3cf21f887d3d04a95dd5c80b9c8ed10bc8df39bd54404e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92351
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jun 2024 13:31:59 GMT
botario.js
s3-eu-central-1.ionoscloud.com/jupus/botario/custom/
155 KB
156 KB
Script
General
Full URL
https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.js
Requested by
Host: app.jupus.de
URL: https://app.jupus.de/chat/embed/0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.173.115.248 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip81-173-115-248.pbiaas.com
Software
CloudianS3 /
Resource Hash
dfa531062ebdcb1c9d8b6a46bb8114f7a4ed2606d9141501813237dbc686f3d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 15:39:25 GMT
server
CloudianS3
x-amz-request-id
34be3a4e-e00f-1e8c-8014-e8ebd35ab8c0
etag
"64a477b94cb7858ef60bc6155dbaad8f"
content-type
application/javascript
accept-ranges
bytes
content-length
158928
/
www.googleadservices.com/pagead/conversion/11468688615/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11468688615/?random=1719408719193&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=648859968.1719408719&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11468688615&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2d5395d30e5e2604131cb372cc070b42b83e47b3452c7fd15a94c9ca3e71fa42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 13:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1714
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
botario.plugin.upload.js
chat.bot.jupus.de/
8 KB
8 KB
Script
General
Full URL
https://chat.bot.jupus.de/botario.plugin.upload.js
Requested by
Host: s3-eu-central-1.ionoscloud.com
URL: https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.160.192.223 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
0bf74fd765c1ed05bb78d698ab169d38a7ad6a6e9e576ae1cc315dafecec8dd4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
last-modified
Sat, 01 Apr 2023 11:28:16 GMT
server
nginx
accept-ranges
bytes
etag
"64281550-214a"
content-length
8522
content-type
application/javascript
botario.css
s3-eu-central-1.ionoscloud.com/jupus/botario/custom/
2 KB
3 KB
Stylesheet
General
Full URL
https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.css
Requested by
Host: app.jupus.de
URL: https://app.jupus.de/chat/embed/0aa5d512-2f3c-4e5a-a2c9-5a730d81b084.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.173.115.248 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip81-173-115-248.pbiaas.com
Software
CloudianS3 /
Resource Hash
01409f757b3fd5b2a9ee82262d97408bcf271ccb39882d04e4e63726cdbb6240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 15:39:25 GMT
server
CloudianS3
x-amz-request-id
34be3a52-e00f-1e8c-8014-e8ebd35ab8c0
etag
"44a090448845dcea9b63acbf01f9cab9"
content-type
text/css
accept-ranges
bytes
content-length
2507
/
www.google.de/pagead/1p-conversion/11468688615/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281...
  • https://www.google.com/pagead/1p-conversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_c...
  • https://www.google.de/pagead/1p-conversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cp...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=648859968.1719408719&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIpey-z7D5hgMVUxCiAx0VLwjqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooL-t4K0ITDq-3hEC0bDPg3ddQL-HvM-w&eitems=ChAI8PjuswYQ6ZuRiafnvvBLEh0AkD9wHRweNSKAFVlB3poqSo25osL93NMlTanJcw&random=381991667&ipr=y
Requested by
Host: www.tes-partner.de
URL: https://www.tes-partner.de/landingpages/ruckforderung-von-online-sportwetten-verlusten
Protocol
H3
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.tes-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 13:31:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 13:31:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11468688615/?random=116449894&cv=11&fst=1719408719193&bg=ffffff&guid=ON&async=1&gtm=45be46o1v9179812692z89183727281za201zb9183727281&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tes-partner.de%2Flandingpages%2Fruckforderung-von-online-sportwetten-verlusten&label=m8A2CJLEraoZEOeZ2dwq&hn=www.googleadservices.com&frm=0&tiba=R%C3%BCckforderung%20von%20Online-Sportwetten-Verlusten&value=0&npa=1&pscdl=noapi&auid=648859968.1719408719&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIpey-z7D5hgMVUxCiAx0VLwjqMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vd3d3LnRlcy1wYXJ0bmVyLmRlLw&is_vtc=1&cid=CAQSGwDaQooL-t4K0ITDq-3hEC0bDPg3ddQL-HvM-w&eitems=ChAI8PjuswYQ6ZuRiafnvvBLEh0AkD9wHRweNSKAFVlB3poqSo25osL93NMlTanJcw&random=381991667&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.anwalt.de/
0
0

truncated
/
223 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
504b9eb288e20b561177ec9d98fa0fec343d7ca371bdaef2ab8e2c4fe42f7aed

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
66223da596fa7a166a70a59c_favicon-32x32.png
cdn.prod.website-files.com/653284ded15c4bf1199cdb59/
1 KB
2 KB
Other
General
Full URL
https://cdn.prod.website-files.com/653284ded15c4bf1199cdb59/66223da596fa7a166a70a59c_favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329413d10037556cede01d16b3555aff3e5d6e01cc226183659382d74ad38f3c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:31:59 GMT
x-amz-version-id
8b3_4a5hmyqQcfV1e3mjhOyNc6Q3uSEC
cf-cache-status
HIT
x-amz-request-id
J2VS6ZM03YY9NS2Q
age
1972088
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1512
x-amz-id-2
45l/Izz65S7f1xCUtdaZ/eBXbnvaawMjO/gfDrGNF6eW4DEDdRhZxoYajZnocBdppL87Smsm51c=
last-modified
Fri, 19 Apr 2024 09:47:18 GMT
server
cloudflare
etag
"add3e6fe1f23c58413f417769d95e535"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
899d8f931d3d3662-FRA
rest.fe228655.js
s3-eu-central-1.ionoscloud.com/jupus/botario/custom/
2 KB
2 KB
Script
General
Full URL
https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/rest.fe228655.js
Requested by
Host: s3-eu-central-1.ionoscloud.com
URL: https://s3-eu-central-1.ionoscloud.com/jupus/botario/custom/botario.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.173.115.248 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
ip81-173-115-248.pbiaas.com
Software
CloudianS3 /
Resource Hash
e1c2c152cbcf13f6fb3d7c12862e5ee76910c0e8407642bd80852247bb20aecb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:32:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 15:39:27 GMT
server
CloudianS3
x-amz-request-id
72249393-1262-1f35-9d71-e8ebd35abfb8
etag
"f45ec8fef1c552e25995d674b7e9ed7f"
content-type
application/javascript
accept-ranges
bytes
content-length
1827
logo.svg%3Ffill=%23ffffff
app.jupus.de/channels/ingress/chatbot/embed/
2 KB
2 KB
Image
General
Full URL
https://app.jupus.de/channels/ingress/chatbot/embed/logo.svg%3Ffill=%23ffffff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.160.242.202 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
de17b6fdb2cc614ffd5cc79cfecd84b6c916cdda1a7de5599ab1e2710ca2270a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tes-partner.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:32:01 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
server
Caddy, gunicorn
cross-origin-opener-policy
same-origin
vary
Cookie
x-frame-options
DENY
content-type
image/svg+xml
alt-svc
h3=":443"; ma=2592000
content-length
1712

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.anwalt.de
URL
https://www.anwalt.de/

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| dataLayer
string| JUPUS
function| jp
function| $
function| jQuery
object| fsAttributes
object| FsAttributes
object| Webflow
function| tram
object| gsapVersions
object| Linear
object| Power0
object| Quad
object| Power1
object| Cubic
object| Power2
object| Quart
object| Power3
object| Quint
object| Power4
object| Strong
object| Elastic
object| Bounce
object| Expo
object| Circ
object| Sine
object| Back
object| SteppedEase
function| TweenLite
function| TweenMax
function| TimelineMax
function| TimelineLite
function| AttrPlugin
function| EndArrayPlugin
function| RoundPropsPlugin
function| ModifiersPlugin
function| SnapPlugin
object| gsap
object| CSSPlugin
function| Observer
function| ScrollTrigger
object| google_tag_manager
object| google_tag_data
object| _gsap
function| _scrollTop
function| _scrollLeft
function| initialize
function| bustCache
function| loadScript
function| loadStyle
function| registerEventListener
function| onJupusChatWindowOpenedListener
function| onjupusChatMessageReceived
function| trackConversion
function| showButton
function| hideButton
function| toggleButton
function| openFloatingChat
function| closeFloatingChat
function| toggleFloatingChat
object| jupus
object| GooglebQhCsO
function| parcelRequire6f0e
object| botario

2 Cookies

Domain/Path Name / Value
.tes-partner.de/ Name: _gcl_au
Value: 1.1.648859968.1719408719
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
