urlscan.io logo urlscan.io
SecurityTrails logo

totalsportek.online Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://totalsportek.online/
Effective URL: https://totalsportek.online/
Submission: On December 20 via manual from CA — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 7 countries across 25 domains to perform 75 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is totalsportek.online. The Cisco Umbrella rank of the primary domain is 651380.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 12th 2022. Valid for: a year.
This is the only time totalsportek.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 7 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 188.114.96.12 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 5.226.179.16 209242 (CLOUDFLAR...)
1 1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
2 2 85.184.96.0 47171 (UNIBET-AS)
13 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 85.184.96.5 47171 (UNIBET-AS)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 72.246.168.251 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
75 29
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
totalsportek.online
7    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
totalsportek.online
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.cssscript.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
fmnetwork.nl
3    2606:4700:3033::ac43:c137 (United States)

ASN13335 (CLOUDFLARENET, US)
streamsportal.com
7    2606:4700:3037::6815:8bc (United States)

ASN13335 (CLOUDFLARENET, US)
keypush.net
tracking.keypush.net
2    2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
trkad.network
1    5.226.179.16 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.bet365.nl
1    2a02:26f0:dc::6853:439 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
b1.trickyrock.com
2    85.184.96.0 (Malta)

ASN47171 (UNIBET-AS, MT)
www.unibet.nl
13    2606:4700::6812:19bc (United States)

ASN13335 (CLOUDFLARENET, US)
welcome.unibet.nl
3    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    85.184.96.5 (Malta)

ASN47171 (UNIBET-AS, MT)
a1s-cdn.unibet.com
a1s.unibet.com
1    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    72.246.168.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-251.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
2    2606:4700::6810:d40 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
3    2606:4700::6810:aebc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.bannerflow.com
1    2a02:26f0:1700:11::b856:6798 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    2a02:26f0:dc:38c::f09 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
Apex Domain
Subdomains		 Transfer
15 unibet.nl
www.unibet.nl — Cisco Umbrella Rank: 264964
welcome.unibet.nl — Cisco Umbrella Rank: 325127
31 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
252 KB
8 totalsportek.online
totalsportek.online — Cisco Umbrella Rank: 651380
122 KB
7 keypush.net
keypush.net — Cisco Umbrella Rank: 320016
tracking.keypush.net
25 KB
4 trkad.network
trkad.network — Cisco Umbrella Rank: 821545
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
292 KB
3 bannerflow.com
cdn.bannerflow.com — Cisco Umbrella Rank: 32458
16 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2623
457 B
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
fonts.googleapis.com — Cisco Umbrella Rank: 37
62 KB
3 streamsportal.com
streamsportal.com — Cisco Umbrella Rank: 269558
466 KB
2 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4183
consentcdn.cookiebot.com — Cisco Umbrella Rank: 4785
32 KB
2 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 9293
111 KB
2 unibet.com
a1s-cdn.unibet.com — Cisco Umbrella Rank: 242266
a1s.unibet.com — Cisco Umbrella Rank: 184023
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
5 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
90 KB
2 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 4697
use.fontawesome.com — Cisco Umbrella Rank: 857
42 KB
1 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 931
37 KB
1 trickyrock.com
b1.trickyrock.com — Cisco Umbrella Rank: 141469
939 B
1 bet365.nl
www.bet365.nl — Cisco Umbrella Rank: 489194
1 google.nl
adservice.google.nl — Cisco Umbrella Rank: 13489
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
702 B
1 fmnetwork.nl
fmnetwork.nl
644 B
1 cssscript.com
www.cssscript.com — Cisco Umbrella Rank: 309364
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
25 KB
75 25
Domain Requested by
13 welcome.unibet.nl welcome.unibet.nl
8 totalsportek.online 2 redirects totalsportek.online
7 pagead2.googlesyndication.com totalsportek.online
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 keypush.net 2 redirects totalsportek.online
fmnetwork.nl
keypush.net
4 trkad.network keypush.net
4 www.googletagmanager.com totalsportek.online
www.googletagmanager.com
3 cdn.bannerflow.com welcome.unibet.nl
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 region1.google-analytics.com www.googletagmanager.com
3 streamsportal.com totalsportek.online
2 c.bannerflow.net welcome.unibet.nl
2 www.unibet.nl 2 redirects
2 tracking.keypush.net keypush.net
tracking.keypush.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ajax.googleapis.com totalsportek.online
welcome.unibet.nl
2 cdnjs.cloudflare.com totalsportek.online
cdnjs.cloudflare.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 consent.cookiebot.com tags.tiqcdn.com
1 tags.tiqcdn.com welcome.unibet.nl
1 a1s.unibet.com welcome.unibet.nl
1 fonts.googleapis.com welcome.unibet.nl
1 use.fontawesome.com welcome.unibet.nl
1 a1s-cdn.unibet.com welcome.unibet.nl
1 www.google.com tpc.googlesyndication.com
1 b1.trickyrock.com 1 redirects
1 www.bet365.nl
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.nl pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fmnetwork.nl totalsportek.online
1 www.cssscript.com totalsportek.online
1 pro.fontawesome.com totalsportek.online
1 cdn.jsdelivr.net totalsportek.online
75 33

This site contains links to these domains. Also see Links.

Domain
www.dmca.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-12 -
2023-04-11		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.streamsportal.com
E1		 2022-11-03 -
2023-02-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
bet365.nl
Cloudflare Inc ECC CA-3		 2022-11-13 -
2023-11-13		 a year crt.sh
welcome.unibet.nl
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
unibet.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-04 -
2023-06-06		 a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-15 -
2023-06-17		 a year crt.sh

This page contains 10 frames:

Primary Page: https://totalsportek.online/
Frame ID: C4538969EA739068185312597A47F800
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 264C03E4311CAE074870505037BF083D
Requests: 1 HTTP requests in this frame

Frame: https://keypush.net/tracking/404.html
Frame ID: 1AC874312BA1A5C898A6529710F65806
Requests: 1 HTTP requests in this frame

Frame: https://keypush.net/tracking/abc/tracking-nl.html
Frame ID: 55C861DA9B03B9B40E0F384A1D9BE6A5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&adk=1812271804&adf=3025194257&lmt=1671555312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftotalsportek.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671555312213&bpp=8&bdt=403&idt=232&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7966435930296&frm=20&pv=2&ga_vid=1028925191.1671555312&ga_sid=1671555312&ga_hid=1533324141&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071251%2C44780792&oid=2&pvsid=250940268893003&tmod=1946270160&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: A1C3DC98CA197BFFCAEB1F57D34AB3C9
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.nl/olp/open-account?affiliate=365_01088191
Frame ID: 32992AFBD8D8DD50473A70D87157FFDB
Requests: 3 HTTP requests in this frame

Frame: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Frame ID: B264AEF4DC0C7B463EF0F2E1365CB35F
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4198A882340D3F33D2BEB91A2339059D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82E4D98E00A06BC20045B7C7D56D428C
Requests: 2 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: A01D5F69ECC66D60C042BCA9B96AF79A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TOTALSPORTEK - Sports Stream

Page URL History Show full URLs

  1. http://totalsportek.online/ HTTP 301
    https://totalsportek.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

75
Requests

99 %
HTTPS

84 %
IPv6

25
Domains

33
Subdomains

29
IPs

7
Countries

1611 kB
Transfer

3472 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://totalsportek.online/ HTTP 301
    https://totalsportek.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://totalsportek.online/css/dist.js HTTP 302
  • https://totalsportek.online/
Request Chain 25
  • https://keypush.net/tracking/abc/mcheck.php HTTP 302
  • https://keypush.net/tracking/404.html
Request Chain 28
  • https://keypush.net/tracking/abc/mcheck.php HTTP 302
  • https://keypush.net/tracking/abc/tracking-nl.html
Request Chain 41
  • https://b1.trickyrock.com/redirect.aspx?pid=86070334&bid=37910 HTTP 307
  • https://www.unibet.nl/stan/campaign.do?cmpId=2763423&affiliateId=1&unibetTarget=/nl/sportsbook/welcome-offer/index.html&targetDomain=https://welcome.unibet.nl&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&affiliateId=1&pid=86070334&bid=37910 HTTP 301
  • https://www.unibet.nl/stan/redirecttocampaign.do?cmpId=2763423&affiliateId=1&unibetTarget=/nl/sportsbook/welcome-offer/index.html&targetDomain=https://welcome.unibet.nl&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&affiliateId=1&pid=86070334&bid=37910&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nl%2Fnl%2Fsportsbook%2Fwelcome-offer%2Findex.html%3Fmktid%3D1%3A81745664%3A86070334-37910 HTTP 301
  • https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
totalsportek.online/
Redirect Chain
  • http://totalsportek.online/
  • https://totalsportek.online/
78 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb895a9e78cfa6be018b7aaec6de0bae6f0366a043393add067cdbdd2011f2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
77c9e77a3f0abb9b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 16:55:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm0mmAy2TndEtdzCGygozeoe8yHEU3S5pDYL5IjNiQqQlA1ROfwyi4OwedDH137gygw5BMMVp%2BimDS1kQobiKrkL1WCyZKUDDq%2FNEcgoeAiJMGtgZVIZ3FP1QCqQv%2FoOqGCyptAIIoI7kviommD9CzL%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
77c9e7799e605b5c-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 20 Dec 2022 16:55:11 GMT
Expires
Tue, 20 Dec 2022 17:55:11 GMT
Location
https://totalsportek.online/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8%2BSsJO0GZBwcV2ClrA8o35a7bx4N2wZFObI7yI1%2BGkzadtX19nUJ9agtzTRLJDtZmBVYmCnoUhGZ%2BQLfryJxhYOUKu6XLgPkcio4FK%2BMuQs3UnEYkUBMvNNy2PDg0FU%2FvpHL9ctYER4mcVI7b7UF8t2"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dist.css
totalsportek.online/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://totalsportek.online/css/dist.css
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84740c447fdf2517db31ab59de2ae7abf1a6ce574ab20687c67dd5ef6dee9c8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Apr 2022 23:23:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10879469
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNAbLnPd4uHgy7CP0ncoexcDNMbqJNA6%2BTDVJbV1rvlmamUOykOD9GmDNiZUMlBEqwgR1MrBY4PmqQagxgG0PIiGf3aiVNK%2Fg7ZY7Hzhmx%2FrctI6211bWRrbCSe%2FFgYHxZvhb7DnLIDNmEqJpQ2xmM4s"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
77c9e77ae8c0bb9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Sep 2022 18:50:42 GMT
/
totalsportek.online/
Redirect Chain
  • https://totalsportek.online/css/dist.js
  • https://totalsportek.online/
78 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://totalsportek.online/
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb895a9e78cfa6be018b7aaec6de0bae6f0366a043393add067cdbdd2011f2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-cache
hit
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52gcAdG5glFwPKuFf3qVhTcwo1NPrOTCWbZlcx8M0CZeNpgGGqJyRjtfTLVsxEuBFoqm6qhT5Hg2IXhehw1jJRzA1CRflrF6FOUe2ByXKNzrtRG%2FdAUwAdiawchAKg0FworhiNHxkV0rhUiB1LJghKZM"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
cf-ray
77c9e77b580191f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 20 Dec 2022 16:55:11 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-cache
hit
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMDKbdp47pQDjHC1jItf7GTV7EEow2XmsMz9T2FexjwBeATIXuaKawnewH5ut%2BC%2FSnvKO6yWvSnSPmsWEZSlse%2FxdpexBNz5Zk8eByDvckMBHJZf0Jz7h6MiE6g6tmUPXfFMAZqqL%2BEU%2BTAvgtTMo6wR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://totalsportek.online/
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
77c9e77ae8c7bb9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://totalsportek.online/
Origin
https://totalsportek.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8012081
x-jsd-version
4.6.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19171-FRA, cache-scl2220034-SCL
x-jsd-version-type
version
server
cloudflare
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGlURQwyoVgfdPkSWp7SjpBJBfr5nLeIBNA2ntNnmeJkDmzpyZeR5MDmGL2q0WSAZkRRGsFNtQ6%2BQlnN%2BFKXvqwcrythVlvLlVQ0o4fxikdz%2Fa206rY3GlA3yd1ls8N%2FYZicPEYEzGgkM9vo3Ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
77c9e77b3ca09944-FRA
all.css
pro.fontawesome.com/releases/v5.10.0/css/ 		153 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer
https://totalsportek.online/
Origin
https://totalsportek.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:11 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
66ASYQYG983NMC98
age
11859553
x-amz-id-2
aMBlDhSHXXY8BJ/oQA2oZ6hGuAXxf7Eie1RS+ffb6Xo8z1ufkavKKD1h72LaBfW7CcQv6UXWr5/307WCXOI35Q==
last-modified
Mon, 28 Jun 2021 16:54:32 GMT
server
cloudflare
etag
W/"aa1272633e7e552395d147a499bad186"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=31556926
cf-ray
77c9e77b4a5f9237-FRA
dark.css
totalsportek.online/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://totalsportek.online/dark.css
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea2ba27bba2ed6ddbee3b62e160760a77c60b36068500763588f3350840bfe8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Apr 2022 23:23:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10879469
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBM5%2BxYbxQMBxwbZu%2FeAFSY8pLlOlrCb9dVmTeMd9A2M0b2LMQaPV9k2m0FYwX%2BlmvTRXBw6c%2BUIXj0qUsAWNvxpap6usmgM6gMPo5fodvQDOOrZd%2B%2Bg9LRy43KEf2vb2PtUlkL9SI1cZWC9eIK5EdMh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
77c9e77ae8c8bb9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 15 Sep 2022 18:50:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2614126763130416
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86fd0b372c7e4dbc6a7d960ea3528bb436d027bbb17bfffd988595940e7c3676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://totalsportek.online/
Origin
https://totalsportek.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49467
x-xss-protection
0
server
cafe
etag
17742825848320355549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 16:55:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8051978673542046
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
decd6f04cad921d54a6ea7f2aee7b40c0832e5b44c181089a6ea245d6caa3140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://totalsportek.online/
Origin
https://totalsportek.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49323
x-xss-protection
0
server
cafe
etag
9194090483598498413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 16:55:12 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7ENYTLNB3P
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
167a8ce4c190c493bf9687ca6ab2607ec952c8e197e78935b1c3c7a1e8f341ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76797
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Dec 2022 16:55:12 GMT
sticky.css
www.cssscript.com/demo/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cssscript.com/demo/sticky.css
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8858611fa56ec1d55dc57e0325e51bda6a454fa3372aaeee29b02c0aa287e2dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2039853
cf-polished
origSize=1559
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 26 Apr 2020 13:29:36 GMT
server
cloudflare
etag
W/"5ea58cc0-617"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlxNypzsx843AiGxKjhoyZQi7RtwHWJ2K8AqrLLBbO6lSAnVDpo72r4OBS9XFnQvaW9q%2BsnSBcZY3AiZ41ImjdEwPqzeKZHlHaWxKXDybyHdEUvkRnHSsVWuYRL9qdd5odeRRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
77c9e77d6a286983-FRA
expires
Mon, 27 Nov 2023 02:17:39 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1787764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10391
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-e637"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nOLgodGhs77v3mzRNaihcqGBRUZZ4R0Jfgbg9MhUjlRuOewt29QdTcaMtKjoJJf1ZXOp8w%2FyMZXm3fKGZm34DYVFveTrMK265xwT0n7GC3Ws7BNYd4kshMsxix8PqH2WSSXZ1%2FWm6s2qeiY809dikuF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c9e77b2e809b7d-FRA
expires
Sun, 10 Dec 2023 16:55:11 GMT
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CM3KPSZPCG
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9ffa44f6c58f4bb206585a83166c6182957a46deff30debdf1a6e21a31a8484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68827
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Dec 2022 16:55:12 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R0186S3LZJ
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dac6c9b2cef59d1d755ac03b461e83904c6e274dec4669591973fa24824da4d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76237
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Dec 2022 16:55:12 GMT
totaltrans.png
totalsportek.online/images/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://totalsportek.online/images/totaltrans.png
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
512473c04e601c98243af6517fdfbb80ba1f9b93efeff38d6cc80d7ccf2e5f09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16104
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
88897
last-modified
Wed, 13 Apr 2022 23:23:27 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7VoPAkHYaxxiQq4ijSvPP8igmR%2BMkFvoMO8YERnLaWEnD89FeAfAH1zI%2BXwUFevkW7cOIc9SSGMbZiwsN5JAgabq1gwjw25%2Bbj0q%2FwuPpckTmUvJUBBRTgYf1iUzTv4vBVA7hD%2FSZb0D21vz6BLaD8d"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77c9e77c19d091f5-FRA
expires
Wed, 20 Dec 2023 12:26:48 GMT
viewtag.js
fmnetwork.nl/tracking/abc/ 		163 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fmnetwork.nl/tracking/abc/viewtag.js?=v1
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79b49b6c00f172d7a962eb51bbe43f1e7ea4af2bb207af2898cb5749b6e378c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 20 May 2022 14:05:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6287a03b-a3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYG5jPRaCPlaSCScgD58gcederGplVGsL%2FV5dk8xIt%2Fz6IeBUzqwSOhf5adaDAJdCtPAf3tsGqjfOdvzA%2FNhDJz1kpM1SJQLE1Z6tub%2Fs2g7ZZz1OCI1Y67SW7yyKJZNb4TBSKSsrq0bmX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
77c9e77cac939205-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 20 Dec 2023 16:55:12 GMT
EFL%20Cup.png
streamsportal.com/images/ 		225 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://streamsportal.com/images/EFL%20Cup.png
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f988b091e793343634faf5bcc7f7bef4d267de604162d1e9835a433aaac584

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
104403
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
230647
last-modified
Wed, 08 Jan 2020 14:20:29 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNjUl4wtuWyVIYiexlkQ8WEez00VZDFvrtvTlVPnoNK1%2BCzUIX8Z%2BEhmwTRz77caeLON47UZbWWAwRw3YCBMZUGFl4bXhENIKwePnNqC4E0vBApb5A0XI0dNTXYYcbhwfjFq7c07%2BIlDJ%2BuF%2BoskKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77c9e77cdadf692e-FRA
expires
Tue, 19 Dec 2023 11:55:09 GMT
nhlteamlogo.png
streamsportal.com/images/ 		236 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://streamsportal.com/images/nhlteamlogo.png
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2268ba1198d26d2aa01f7efaaca910850ca902783fae1019c40d06102b0cc76

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3568085
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
242031
last-modified
Fri, 23 Sep 2022 18:53:31 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yI%2Fwtycu%2Fk6s9BsOvAf3vVsCkWMFPftW7TWWVKhANpu0%2BgSid7TQcs5dQoVR9AqB7z97h4pQ%2FyDKPFsWa9Ewy1rYKLdI%2Fvvaf%2BNF%2FO4L%2Fzq0poQR%2FXMLUV%2FnL78dhA1%2Be38YGW3XI8tSzF%2FhYIMnkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77c9e77cdae0692e-FRA
expires
Thu, 09 Nov 2023 09:47:07 GMT
nbateamlogo.png
streamsportal.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://streamsportal.com/images/nbateamlogo.png
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
826ad46c6cedd52f8258bdfb0d3113dc9f3da6b885ea2c223b8d5ced3458ebd1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1607552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2934
last-modified
Fri, 23 Sep 2022 18:59:05 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZSI57GcHwBCEA9ZY4HwUVv1r5MpXuEEDppDY24XFrZV%2Bnam8r34%2BOzgO4P0ttNOQ7jTGTwmvBYZpPBKjAR8qIIfVLlJ86uxy5k%2FqBkTP4ponq6JYUEnmft2AmFa0pz0ypx%2BLS7DtE7BpMMDw4Dv3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77c9e77d7c87162b-DUS
expires
Sat, 02 Dec 2023 02:22:40 GMT
viewtag.js
keypush.net/tracking/abc/ 		163 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://keypush.net/tracking/abc/viewtag.js?=v1
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79b49b6c00f172d7a962eb51bbe43f1e7ea4af2bb207af2898cb5749b6e378c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 20 May 2022 14:05:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6287a03b-a3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIV42dFGedu2P%2FbOlho1WhNuPTnzt14GnGeBb1CFx1OR1%2FLgeV3KghdDUr3VGP2FlG2uBkJJlCjO0wBZ%2FONmnEFOvT%2Fh42HIouZvXn6jypFsOGaLXbOkxcyePxJPb8WT6MtUok0%2BEo0SLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
77c9e77c8ecc6934-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 20 Dec 2023 16:55:12 GMT
dmcaproteted.png
totalsportek.online/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://totalsportek.online/dmcaproteted.png
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dda0d2f5a0098e76a0abea2dffaff9dc2bac9c3fa875109c802097d6e5c28c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3631205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15342
last-modified
Tue, 08 Nov 2022 14:13:52 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qOD%2FsUgwwctzplcMXv2r98bIIzQ%2FUvWI5nMrSoTNM%2FKLmAMH7RZyb3woib4x7PnOlVmNuHjlYxEGFCXO4qYNJmcd2Mu%2Bli%2BA%2FbFAgi3b2TtMhBejQZ7h2%2FcKGm6N8vaWv6b%2FdCOjKl%2BbqusJluau7Tj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
77c9e77c19d791f5-FRA
expires
Wed, 08 Nov 2023 16:15:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: totalsportek.online
URL: https://totalsportek.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 16:37:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2614126763130416
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17adc39f434ca0b9dfb981f4dca714a3d602008cb48dc8377f6619c6a6870dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119797
x-xss-protection
0
server
cafe
etag
5930473622345439638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 16:55:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 264C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2614126763130416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://totalsportek.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
10487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 14:00:25 GMT
etag
10353107486223812946
expires
Tue, 03 Jan 2023 14:00:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7ENYTLNB3P&gtm=2oebu0&_p=1533324141&cid=1028925191.1671555312&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671555312&sct=1&seg=0&dl=https%3A%2F%2Ftotalsportek.online%2F&dt=TOTALSPORTEK%20-%20Sports%20Stream&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7ENYTLNB3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 16:55:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totalsportek.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CM3KPSZPCG&gtm=2oebu0&_p=1533324141&cid=1028925191.1671555312&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671555312&sct=1&seg=0&dl=https%3A%2F%2Ftotalsportek.online%2F&dt=TOTALSPORTEK%20-%20Sports%20Stream&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CM3KPSZPCG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 16:55:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totalsportek.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R0186S3LZJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CM3KPSZPCG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4349000b1870c7ca01159660b89694708eb777ebc9b14dc6f5add7c4e4d9e5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76263
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Dec 2022 16:55:12 GMT
404.html
keypush.net/tracking/ Frame 1AC8
Redirect Chain
  • https://keypush.net/tracking/abc/mcheck.php
  • https://keypush.net/tracking/404.html
44 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://keypush.net/tracking/404.html
Requested by
Host: fmnetwork.nl
URL: https://fmnetwork.nl/tracking/abc/viewtag.js?=v1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eed2c64bcd40d135d8cc923ba8ae9a14ee42d7a4841fd175f2c32f932ea757b

Request headers

Referer
https://totalsportek.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e77f0e189b8c-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 16:55:12 GMT
last-modified
Mon, 17 Dec 2018 16:44:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYlomgCCmgVfGOooB5oh0a8BORCYLFqRpO6a9jwBke2S4T2%2FyqpGsWbuL579vHlvImgvNnk95Wjfaj8LKnYlzPkekL2vEsXTXDJBdEY0ocCMfanLxeTEND4oWCwsznS4WzCqHcV4Uapd0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e77e3c669b8c-FRA
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 16:55:12 GMT
location
//keypush.net/tracking/404.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTkMgLvGnymIOqgjx%2F%2ByRIbXEUX8gNNWp8w%2FEmLSJEydk9UX%2Bm3GDcnApjIT%2FggM3V9P44f9drHejYtFRGdbk10X%2Fskhcc%2FN4BaZde9kc5ntRFLqRNGEYlDWuyJxBbV9qV%2Bn9xcELXoE4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R0186S3LZJ&gtm=2oebu0&_p=1533324141&cid=1028925191.1671555312&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671555312&sct=1&seg=0&dl=https%3A%2F%2Ftotalsportek.online%2F&dt=TOTALSPORTEK%20-%20Sports%20Stream&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R0186S3LZJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 16:55:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://totalsportek.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin
https://totalsportek.online
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4141872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80148
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-13914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiJ86r5Ic9vkdgvgRko8S2px1PWw2trhcXoA%2FrMa1QNdnGkmoFE1zzuP6eWf4AEmk%2BMeiHRcXNvR%2Bd%2B0VxUdch%2FK0F0F921PJAhIkVeGR5nomwaLbLwtHXqyJ9Lh61j82JLz6O1WVkIzIFOfeYmI2yjr"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c9e77e5d53bb49-FRA
expires
Sun, 10 Dec 2023 16:55:12 GMT
tracking-nl.html
keypush.net/tracking/abc/ Frame 55C8
Redirect Chain
  • https://keypush.net/tracking/abc/mcheck.php
  • https://keypush.net/tracking/abc/tracking-nl.html
944 B
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://keypush.net/tracking/abc/tracking-nl.html
Requested by
Host: keypush.net
URL: https://keypush.net/tracking/abc/viewtag.js?=v1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58fcf6224b913574044c517071c4305e882b048daa5fbc96f3fd6dd99c5f530

Request headers

Referer
https://totalsportek.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e77ecd989b8c-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 16:55:12 GMT
last-modified
Fri, 29 Jul 2022 13:55:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C70g7nB0DzzYAbwh1a46lnYAjkz44YujFNQe6lrFVRUzntextoalN69DQ057FV0Fdgtr0HHuOCOYU%2F5vLhAPPfR90qbyqHJ%2FpJ8z3fzR1ep6hrUYCxmrKd%2FpSWgpJjSGcPqrQ9faBwUBxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e77e4c6b9b8c-FRA
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 16:55:12 GMT
location
tracking-nl.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJx%2Bz1r44zWFXgX9ElOaS0%2FvgNQMt9LuP6lYZvPx0SVatQXmMmNfzW%2BMZl4avxsqa16nSUVx9gKNG213z7TLRPpSshQfp5P1T%2FBl%2FO4bX4qI3g2z%2FCxGdnqBIGPFJJ0UcCL2I5iDS8jLuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
cookie.js
partner.googleadservices.com/gampad/ 		405 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=totalsportek.online&callback=_gfp_s_&client=ca-pub-2614126763130416&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
996c6d2763ad0bc98678407e2838adc4d7cd26b8c12d0a4816b4f4459f0c684b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=totalsportek.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=totalsportek.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A1C3 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&adk=1812271804&adf=3025194257&lmt=1671555312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftotalsportek.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671555312213&bpp=8&bdt=403&idt=232&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7966435930296&frm=20&pv=2&ga_vid=1028925191.1671555312&ga_sid=1671555312&ga_hid=1533324141&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071251%2C44780792&oid=2&pvsid=250940268893003&tmod=1946270160&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://totalsportek.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 16:55:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bet365-nl-1.html
trkad.network/tracking/ts2/ Frame 3299 		106 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trkad.network/tracking/ts2/bet365-nl-1.html
Requested by
Host: keypush.net
URL: https://keypush.net/tracking/abc/tracking-nl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9b7c70ed2d8b6be0d9c26d78622cd2996f1d56ebf25ed7d45aa70d6b404f10

Request headers

Referer
https://keypush.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e7808b20695e-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 16:55:12 GMT
last-modified
Mon, 25 Oct 2021 12:55:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZczyc%2BwB58EECNDPDoFIZq%2Bpzo8BW7d0vMdDdqz2XupZZqpEC0ZPAH0cjjRE3lZzfxHTYc2ZGBpDoqsBa8%2ByCaQZWQqAR0lR6b%2FmYnN4q2P38vg1qpWNl8%2B%2FNvw4tWk1hzog9eYsWB0kYYb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ub.html
trkad.network/tracking/ts2/ Frame B264 		99 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trkad.network/tracking/ts2/ub.html
Requested by
Host: keypush.net
URL: https://keypush.net/tracking/abc/tracking-nl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd8744b435b002980ba12f7c19622ec41815317d7d8c17f80bea520037a7290b

Request headers

Referer
https://keypush.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e7808b22695e-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 16:55:12 GMT
last-modified
Tue, 26 Jul 2022 08:11:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eTnn63%2BnAxv6AoCEG7TuDH1D9Q31wyUdqHSifbQnPZTHdElNwxkVn9QuvXnWyFttI5RqKwydgc1xZskvhaIAOjj0MuqPZmN5ID4%2BqB2FhzWrNeRMOvPPSXt3FP9pJ5dPsiBdsauBx4TNKV1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
piwik.js
tracking.keypush.net/ Frame 55C8 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.keypush.net/piwik.js
Requested by
Host: keypush.net
URL: https://keypush.net/tracking/abc/tracking-nl.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://keypush.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1778876
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Thu, 27 Oct 2022 03:43:57 GMT
server
cloudflare
etag
W/"6359fe7d-10132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqh0qH%2BigSC%2BzlPNPVckwHLrxiODAqgG77btpK0%2FaPZUpLQpH%2BATZFwhv%2Fp0zv85G9tQWoVc2NanEYouO3k%2BZ%2F4O6c14USpuG7Ga%2BBbPWoJTnZlJVXl4s%2BQzt4rJQdPaTL%2FbHHMM6gEczJ0zuc4%2Fa60hOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
77c9e77fcf5c6934-FRA
expires
Thu, 30 Nov 2023 02:47:16 GMT
piwik.php
tracking.keypush.net/ Frame 55C8 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking.keypush.net/piwik.php?action_name=&idsite=25&rec=1&r=547771&h=16&m=55&s=12&url=https%3A%2F%2Fkeypush.net%2Ftracking%2Fabc%2Ftracking-nl.html&urlref=https%3A%2F%2Ftotalsportek.online%2F&_id=f47670de849ee761&_idn=1&cs=windows-1252&send_image=0&_refts=1671555313&_ref=https%3A%2F%2Ftotalsportek.online%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=uqeG6Y&pf_net=0&pf_srv=50&pf_tfr=0&pf_dm1=14&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tracking.keypush.net
URL: https://tracking.keypush.net/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://keypush.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daeefc15466ea9cbf12ad023cba26d7e1d5180f74dc7c9079f8542074a94abea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11157
x-xss-protection
0
bet365-nl-2.html
trkad.network/tracking/ts2/ Frame 3299 		151 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trkad.network/tracking/ts2/bet365-nl-2.html
Requested by
Host: keypush.net
URL: https://keypush.net/tracking/abc/tracking-nl.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4bc09cc8f8b35a4e2a2e7869348e5210cfb9fda9f9bcd21caa33927026e0348

Request headers

Referer
https://trkad.network/tracking/ts2/bet365-nl-1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e781cb0b9bef-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 16:55:12 GMT
last-modified
Tue, 26 Oct 2021 14:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppQjDNWA51tCx%2Bq%2Bj7ndyGcL3D57lY6X8q6FCdZSKdDbHS49B9QJ%2FaooZtj9xmzs6vWJ3CmgqNlcxn6qD8eNl1dCIZEEfGppuzUHZFVyXEg5AlIiyOI9i5cQzKitW2Rzn%2FS7bTFIhherznYk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ub-2.html
trkad.network/tracking/ts2/ Frame B264 		153 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trkad.network/tracking/ts2/ub-2.html
Requested by
Host: keypush.net
URL: https://keypush.net/tracking/abc/tracking-nl.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12a89d1750a33e3c2e1d1f63d644a4ddbf1aa167e091fc5fb40e0892e3dfdac

Request headers

Referer
https://trkad.network/tracking/ts2/ub.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c9e781cb109bef-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Dec 2022 16:55:12 GMT
last-modified
Fri, 29 Jul 2022 13:54:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQIpNQTRtn5yK11tpzA%2BxVTM5k7GTRTiHfiaNHhCgj8VbQ9%2Bqxywx5POFUvTAMwcWw%2FQZOQBssnlPfo4sp7E72ONdEAyn4X9cakAxt2VAIP8gPFW3d3ROIwFWgbcxNdOpjMH12yV1NnADfNO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
open-account
www.bet365.nl/olp/ Frame 3299 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bet365.nl/olp/open-account?affiliate=365_01088191
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.16 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://trkad.network/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-RAY
77c9e7831ff9996c-FRA
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 16:55:13 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy
same-origin
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
index.html
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264
Redirect Chain
  • https://b1.trickyrock.com/redirect.aspx?pid=86070334&bid=37910
  • https://www.unibet.nl/stan/campaign.do?cmpId=2763423&affiliateId=1&unibetTarget=/nl/sportsbook/welcome-offer/index.html&targetDomain=https://welcome.unibet.nl&btag=81745664_3D535ED0B7DE44D2BB51586A...
  • https://www.unibet.nl/stan/redirecttocampaign.do?cmpId=2763423&affiliateId=1&unibetTarget=/nl/sportsbook/welcome-offer/index.html&targetDomain=https://welcome.unibet.nl&btag=81745664_3D535ED0B7DE44...
  • https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d2e70a5d3744d26790205413ea32acefe8b94b6a86a31139e886f9b1c698377

Request headers

Referer
https://trkad.network/tracking/ts2/ub-2.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=900, immutable
cf-cache-status
MISS
cf-ray
77c9e7875ee1900c-FRA
content-encoding
br
content-md5
8UDgvDToekHx1QPuwrxOOw==
content-type
text/html; charset=utf-8
date
Tue, 20 Dec 2022 16:55:13 GMT
last-modified
Wed, 14 Dec 2022 14:13:55 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
f5558229-e01e-0044-7d93-14983d000000
x-ms-version
2014-02-14

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
date
Tue, 20 Dec 2022 16:55:13 GMT
expires
Tue, 20 Dec 2022 16:55:13 GMT
location
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
server
kindred-loadbalancer
strict-transport-security
max-age=63072000; preload
x-browser-class
A
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ooops-debug
/500-pages/www.unibet.nl/index.html
x-os-class
M
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2614126763130416&plah=totalsportek.online&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Dec 2022 16:55:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4198 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://totalsportek.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
102553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 12:26:00 GMT
expires
Tue, 19 Dec 2023 12:26:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 82E4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa01591d65e2c74e745a961db6cad2dc550e99c3cc1326a7611fe19c75e1980b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V1s0sE2dhK4QUfkIR9zt0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://totalsportek.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-V1s0sE2dhK4QUfkIR9zt0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 16:55:13 GMT
expires
Tue, 20 Dec 2022 16:55:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 82E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=250940268893003&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 4198 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 15:46:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 4198 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ziTDGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
master_tag.js
a1s-cdn.unibet.com/unibet/bannerflow/scripts/ Frame B264 		956 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.184.96.5 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
last-modified
Mon, 25 Apr 2022 12:19:34 GMT
server
kindred-loadbalancer
x-browser-class
A
etag
"3bc-5dd7996cc0ce1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1800, public, must-revalidate
x-os-class
M
accept-ranges
bytes
content-length
956
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame B264 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 16:19:51 GMT
all.css
use.fontawesome.com/releases/v5.7.1/css/ Frame B264 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
https://welcome.unibet.nl/
Origin
https://welcome.unibet.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WHZFXNX74Y7SXW4E
age
803991
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6mL17F2DHA2/0Cm1nn1Cbx2caB2aMikWOJaELRPsFnR6VignkHi6r5Ecm9QYeI15cgZVoSWEFQI=
last-modified
Wed, 30 Jun 2021 15:45:37 GMT
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRvv4mRhGo%2F3Kh%2FTj2Ky54DRcYDTlw8xlpbDyopblIeuGHc80vavcDx7%2FV%2FsbLMI2%2FOzdHizJ2qFdj1TLt1dOCAlrxsmvSwgL4gfJPFougIKT2Y%2BGUciydMXdLs2%2F88ErheTw1KcQ1Zy57QflndD3aou"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
77c9e788de5890ec-FRA
1-styles.css
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/1-styles.css
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7558342e4cd3e4a5b99969856b80d937017311c57ead3480ab8ecb2c3edcf9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
xF7ltqPPOwGGvCDWX0AyAQ==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:56 GMT
server
cloudflare
etag
W/"0x8DADDDD6FD5EF21"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e3965391-101e-000d-3ac6-0fdad6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7888905900c-FRA
1-main.js
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/1-main.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
BPxI3njL/F0VV+nfOZx3Mw==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:56 GMT
server
cloudflare
etag
W/"0x8DADDDD6FF58075"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
77713bf9-701e-0079-62c6-0fee26000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7888907900c-FRA
css
fonts.googleapis.com/ Frame B264 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 15:45:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 16:55:14 GMT
read_json_bf.js
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/read_json_bf.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dce8507996e574c807484a6a829d7c07a397f48950a728c6873877c211ea87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
yEiOOsEvdLRa3308Kqw2ZA==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:58 GMT
server
cloudflare
etag
W/"0x8DADDDD710FA0E6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
70cd2f19-f01e-0058-60c6-0fca5d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7888908900c-FRA
custom.js
welcome.unibet.nl/ Frame B264 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome.unibet.nl/custom.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
e/Aekt1V1fopj1X7y5r9MA==
age
113688
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 29 Mar 2022 08:25:09 GMT
server
cloudflare
etag
W/"0x8DA115DA300B0C1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
24b40bda-d01e-004f-4d08-036356000000
x-ms-version
2014-02-14
cf-ray
77c9e7888909900c-FRA
unibet-logo.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/unibet-logo.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb461ad12e6f931815042b57a447b64e8d3a06d1576c1f7c79b9c7e5a42a8b34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
cw5jdwcrd9gLyjDZb7Y7Jw==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:56 GMT
server
cloudflare
etag
W/"0x8DADDDD703DC987"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e227322f-e01e-006b-30c6-0f95f6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7895a9f900c-FRA
utv-logo.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		807 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/utv-logo.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a91fab46f128a63c74943fe6db7de41509d69ae9f4e36aab9f984cac94fa451

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
QazcDvviTF55mXL/M8kCWQ==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:56 GMT
server
cloudflare
etag
W/"0x8DADDDD70362984"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2b2a4437-c01e-0021-54c6-0f3679000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7898b02900c-FRA
sports.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/sports.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3effb86ea7f2f9f5f735269dcb9a1cb9cd0f1018dcceb98f1ccc6249a3556056

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
PFpPzOXLQADQvHS/jXtXpA==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:59 GMT
server
cloudflare
etag
W/"0x8DADDDD71C5DDFE"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c5f37df2-b01e-003b-4dc6-0f57a6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7898b0c900c-FRA
star.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/star.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b689e6f2fe5e2b4082c49e608461785760ee6a58f10a751a1385fd5dce91b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Vy723Ry7R35gqWLktmPWGg==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:59 GMT
server
cloudflare
etag
W/"0x8DADDDD71CC6CAC"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4777a3db-801e-0030-69c6-0faccd000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7898b0d900c-FRA
person.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/person.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b4a9e5517ea95c75e799d84a14dc442d9dbd6464e4fc7e025e2fb93012ad1c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
hFfOTexsP04F5TNWA0YvEg==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:58 GMT
server
cloudflare
etag
W/"0x8DADDDD717E581C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
64d4b3e8-701e-0024-53c6-0fe4a2000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7898b0f900c-FRA
cherry.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/cherry.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef061deeceef23cbbff7ca74fcb5c8101e632a5569b095c89b5b9cfb5c2811a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
5r9vOEzT38zHCX9vzbxgcA==
age
527850
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:13:58 GMT
server
cloudflare
etag
W/"0x8DADDDD7116F2CD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
29777f01-201e-0029-65c6-0f2c76000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
77c9e7898b11900c-FRA
gambling-commission.png
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/gambling-commission.png
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404e6c7bb9c0bf319071e33091985cd6f050ad9a707534e299d3a6049759c1ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
8fa081db-d01e-004f-2593-146356000000
x-ms-version
2014-02-14
cf-ray
77c9e7898b13900c-FRA
com-payments.svg
welcome.unibet.nl/nl/sportsbook/welcome-offer/ Frame B264 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/com-payments.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5201c06e7d648c15f08e3a8037a026611ef8349f2259e239013d81fc89bc27b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
e5bb6c18-701e-0056-6c93-14e3ed000000
x-ms-version
2014-02-14
cf-ray
77c9e7898b15900c-FRA
lastclick.min.js
a1s.unibet.com/orval/tracking/ Frame B264 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1s.unibet.com/orval/tracking/lastclick.min.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.184.96.5 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; preload
last-modified
Fri, 05 Aug 2022 12:55:42 GMT
server
kindred-loadbalancer
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class
A
etag
W/"705-5e57dfbd5830d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1800, public, must-revalidate
x-os-class
M
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=250940268893003&bg=!-fql-r7NAAYgquz3AKo7ACkAdvg8WmC5IArMl3_AHi4uchxpsv2v4C4L9cl5VQgASH7wfxwf9ayvxgIAAABKUgAAAARoAQcKAITlvxCItd-NLxDh8IQLRdPIQNCT3dy1dsY-j9mXaPpRlkQphJfMhGb4M31GXfVlO_DazrW_l6yktrd0y9FGsj2UBb68lbNwN2-k_uMZxYiutUu_eg7MSYQbW6WK64fw54u-1m47X7y_ht9quomkDWXrmVng7h34Qtk4XPTxKsBYs6sdN_eZAsfaMniJkVeUMsvEBsq54UwBSb7FEP4yABl67W6IOK1T7dPw-SkdPY_Hv-IjLKG5VUTTiOf8zFh7XySPDL8tIQyQZ9qSlGUd193OuCoypfSQr4_U2btH-4XihXuKbhdyc1lKLcENaIzm9g0WOdIFHQ-lnLxyMZIEf8Ax-JpgX2T_Se8XhBspe-2JSN3aNb5ekGnx2-Tqodt-XX9uBxtUc-o3gyIT8K8LNJzfD6SeBjVtRQbdzKWvLqhTIZtRwlOGslJoDKExlGw5WpXXavwtIpBewhWvwTJE0wZSY8P7vNwUdqcg-fi4EGu9m-wz2cNc9vdwbxAFXJyxuIvmZWrDkYNvOkgfSlaNDC1ioRT-04FhVBW6ez8xcqyL-9r60JVUFqBPqndL600hLL1wlJPb1FJ4ee7iHh60ObuNjFkVhZxcWKVPv-jUt858Jq_wLm2-CQKOLw1b1R5V2kh7_IOgCvk3T-lgQssnl9XBN-CyBK_8ahqfTi3IZaByu5iDAB7kxpkTK9wR6re791i7xwLBRqK41FmmFbv8nBBbdvM1uQ8Xwt1PdkHPBhFhSruZvj5h2SH2AbBIlPzWRtCGNBUbXTi7EEFx0N-dgxgnKmlmeYTtn_FCg2q_jWQBBOPYomd09nhT4iN-txH_GKFM55ulAut67OiBqVyFdQnha-IjYBWZm2L2n25HaOYxIfatx29t2atOBFfs8l5adgRHaMi1Seur8f9-cGEqfurEYT0uzJkDTH-ZKIHW0UoADki6A_27qJg7atonDSx2qiqeJO-toM5-ODenI7l-3OkPLjSPVb9vqP1eaw29F9CX-TIoHPTbcSPt44fVy3CdI15Zz16FqJODLHvgx0cNZ6RvV_vB3tyKwq1FbGddZ2a9M5BCpIqAbW3KoxAOE2-ND_nrN83dxG_Zt5SP2W7zSSpri7totRW27_DyGv202Ds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://totalsportek.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
utag.js
tags.tiqcdn.com/utag/kindred/bannerflow/prod/ Frame B264 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/kindred/bannerflow/prod/utag.js
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.246.168.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-251.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42167bad6949b1762707914efe5fef8f2532421fb68c1ad124d55d38b75c2080

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 14:20:21 GMT
server
AkamaiNetStorage
etag
"008b2c77e66c5da53896c309b444177d:1671459621.890429"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
37805
expires
Tue, 20 Dec 2022 17:00:14 GMT
621e3c7dac22a284b8b7e5c5.json
c.bannerflow.net/sfeeds/55dacb16e347271ec0d5101b/ Frame B264 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/sfeeds/55dacb16e347271ec0d5101b/621e3c7dac22a284b8b7e5c5.json?cb=1671555314206
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/read_json_bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5374b6c69236b8a580539e48cd33ae0ac89b5ef9f29217cbb8c937e81032668

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 20 Dec 2022 16:55:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=15, stale-if-error=28800, stale-while-revalidate=28800
cf-ray
77c9e78a7bae9bd6-FRA
request-context
appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b
legal-logo-better-9c9377e0-9d9f-4ebc-b718-c3bdbd7fc29e.png
cdn.bannerflow.com/resources/ Frame B264 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bannerflow.com/resources/legal-logo-better-9c9377e0-9d9f-4ebc-b718-c3bdbd7fc29e.png
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726d5ed29e17cc0cc484b6de1994b48780dd86aab3989fb9a508efdbd3df0fe8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
cf-cache-status
REVALIDATED
content-md5
zTiTsH8jsmt66XAOmtdMGg==
cf-polished
origFmt=png, origSize=3098
content-disposition
inline; filename="legal-logo-better-9c9377e0-9d9f-4ebc-b718-c3bdbd7fc29e.webp"
content-length
1862
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Mon, 30 May 2022 12:14:54 GMT
server
cloudflare
etag
"0x8DA42360142E0DC"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
f23888ff-d01e-005f-3560-0ea63e000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
77c9e78cbafa9150-FRA
nl-payments-72757051-f6d8-4de1-b4e5-a121551c3499-24bac72e-612c-4649-ba10-8dc2f476ecad.png
cdn.bannerflow.com/resources/ Frame B264 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bannerflow.com/resources/nl-payments-72757051-f6d8-4de1-b4e5-a121551c3499-24bac72e-612c-4649-ba10-8dc2f476ecad.png
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57cada67a9368b5712ff5710d5e4c12f2515da6e70573e71a0535f51718ce235

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
cf-cache-status
REVALIDATED
content-md5
qAkf+JyfMj3/9y4db0wERA==
cf-polished
origFmt=png, origSize=33522
content-disposition
inline; filename="nl-payments-72757051-f6d8-4de1-b4e5-a121551c3499-24bac72e-612c-4649-ba10-8dc2f476ecad.webp"
content-length
12734
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 06 Apr 2022 12:23:13 GMT
server
cloudflare
etag
"0x8DA17C838C2A948"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
7afd9828-f01e-003a-0f83-96087a000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
77c9e78ccb159150-FRA
456a245e-3b0b-4cfd-874f-f3ce34716ab0.png
c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/ Frame B264 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/unibet/55dacb16e347271ec0d5101b/images/456a245e-3b0b-4cfd-874f-f3ce34716ab0.png
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b8a069a79733379e988eb7e6e1504579dc4253d95f55fbe7af1ee4a4282d17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
cf-cache-status
HIT
content-md5
/nJ+JnnegaOLLW4bf1mH/Q==
age
4520
content-length
111411
x-ms-lease-status
unlocked
last-modified
Wed, 31 Aug 2022 10:22:10 GMT
server
cloudflare
etag
"0x8DA8B3AA9FD095D"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6242b5a1-a01e-008f-4745-f5644c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
77c9e78c6d679255-FRA
18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
cdn.bannerflow.com/resources/ Frame B264 		1 KB
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
Requested by
Host: welcome.unibet.nl
URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/index.html?mktid=1:81745664:86070334-37910&btag=81745664_3D535ED0B7DE44D2BB51586A1E54ADE2&bid=37910&campaignId=2763423&pid=86070334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aebc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236697ea60459d9dd37a6550a42916ece502faaf3c86f93c26b7a4026aa53bdb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
DtBEzXf8HuXNecd90Rx/1w==
age
254
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 27 Nov 2020 14:00:01 GMT
server
cloudflare
etag
W/"0x8D892DCBC244A27"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
24c9cbcd-201e-0016-0e68-d7e4d5000000
cache-control
public,max-age=604800
x-ms-version
2014-02-14
cf-ray
77c9e78ccb0d9150-FRA
uc.js
consent.cookiebot.com/ Frame B264 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/bannerflow/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6798 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ecea9fd901f0e775209188c51d1fce00cb090107eecf9ed05bc13757419eaac8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://welcome.unibet.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Tue, 20 Dec 2022 16:55:14 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 07:27:34 GMT
etag
"3cf18f5ec4ed91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=587
accept-ranges
bytes
content-length
32025
expires
Tue, 20 Dec 2022 17:05:01 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame A01D 		627 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:38c::f09 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://welcome.unibet.nl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
date
Tue, 20 Dec 2022 16:55:15 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Wed, 20 Dec 2023 16:55:15 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

25 Cookies

Domain/Path Name / Value
keypush.net/tracking/abc Name: trackerad
Value: 1
.totalsportek.online/ Name: _ga_7ENYTLNB3P
Value: GS1.1.1671555312.1.0.1671555312.0.0.0
.totalsportek.online/ Name: _ga
Value: GA1.1.1028925191.1671555312
.totalsportek.online/ Name: _ga_CM3KPSZPCG
Value: GS1.1.1671555312.1.0.1671555312.0.0.0
.totalsportek.online/ Name: _ga_R0186S3LZJ
Value: GS1.1.1671555312.1.0.1671555312.0.0.0
.totalsportek.online/ Name: __gads
Value: ID=f0f73d01f2110e8b-22b8648934da00ae:T=1671555312:RT=1671555312:S=ALNI_MZhxrtXuxsM9mdSGM9kUKHUZdmGmw
.totalsportek.online/ Name: __gpi
Value: UID=00000b95865660c8:T=1671555312:RT=1671555312:S=ALNI_MaeZW4-b-o1xlnv2TTuh1L60Xgz_g
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bet365.nl/ Name: __cf_bm
Value: nH1qnpljTC5HiBqFSMK0Dphx88yZArAffHHLoJxtwRs-1671555313-0-AQCRyxwPjCblnlKlpZFBiPQtgRU2LD6gWbweDAUEM5wf5SWWQI2kE7m6ysn2WI3FXqhMXFWMeDoBMk4YDgLMXZI=
.trickyrock.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a86070334%2c%22BID%22%3a37910%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671555313344)%5c%2f%22%2c%22CookieTag%22%3a%2237910860703348%3a%3a0001%3a430a%3a0204%3a8fa1%3a1002C202212201655%22%7d%5d
.unibet.nl/ Name: __ucbt
Value: node06ynv6qo76lhb1ooo5jhw6ussq
.unibet.nl/ Name: uniattr
Value: ST.0.T
.unibet.nl/ Name: uniattr_ref
Value: "https://trkad.network/"
.unibet.nl/ Name: campaignId
Value: 2763423
.unibet.nl/ Name: framework.forceBigLandingArea
Value:
.unibet.nl/ Name: affiliateId
Value: 1
.unibet.nl/ Name: B-TAG
Value: 81745664_3D535ED0B7DE44D2BB51586A1E54ADE2
.unibet.nl/ Name: BID
Value: 37910
.unibet.nl/ Name: PID
Value: 86070334
.unibet.nl/ Name: REFERER
Value: https%3A%2F%2Ftrkad.network%2F
.unibet.nl/ Name: AFFILIATE_REQUEST_URL
Value: https%3A%2F%2Fwww.unibet.nl%2Fstan%2Fcampaign.do%3FcmpId%3D2763423%26affiliateId%3D1%26unibetTarget%3D%2Fnl%2Fsportsbook%2Fwelcome-offer%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nl%26btag%3D81745664_3D535ED0B7DE44D2BB51586A1E54ADE2%26affiliateId%3D1%26pid%3D86070334%26bid%3D37910
.unibet.nl/ Name: AFFILIATE_CAMPAIGN_ID
Value: 2763423
.www.unibet.nl/ Name: clientId
Value: polopoly_desktop
.a1s-cdn.unibet.com/ Name: clientId
Value: polopoly_desktop
.a1s.unibet.com/ Name: clientId
Value: polopoly_desktop

6 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2614126763130416&output=html&adk=1812271804&adf=3025194257&lmt=1671555312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftotalsportek.online%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671555312213&bpp=8&bdt=403&idt=232&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7966435930296&frm=20&pv=2&ga_vid=1028925191.1671555312&ga_sid=1671555312&ga_hid=1533324141&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071251%2C44780792&oid=2&pvsid=250940268893003&tmod=1946270160&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tracking.keypush.net/piwik.php?action_name=&idsite=25&rec=1&r=547771&h=16&m=55&s=12&url=https%3A%2F%2Fkeypush.net%2Ftracking%2Fabc%2Ftracking-nl.html&urlref=https%3A%2F%2Ftotalsportek.online%2F&_id=f47670de849ee761&_idn=1&cs=windows-1252&send_image=0&_refts=1671555313&_ref=https%3A%2F%2Ftotalsportek.online%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=uqeG6Y&pf_net=0&pf_srv=50&pf_tfr=0&pf_dm1=14&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.bet365.nl/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/com-payments.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://welcome.unibet.nl/nl/sportsbook/welcome-offer/gambling-commission.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1s-cdn.unibet.com
a1s.unibet.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
b1.trickyrock.com
c.bannerflow.net
cdn.bannerflow.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent.cookiebot.com
consentcdn.cookiebot.com
fmnetwork.nl
fonts.googleapis.com
googleads.g.doubleclick.net
keypush.net
pagead2.googlesyndication.com
partner.googleadservices.com
pro.fontawesome.com
region1.google-analytics.com
streamsportal.com
tags.tiqcdn.com
totalsportek.online
tpc.googlesyndication.com
tracking.keypush.net
trkad.network
use.fontawesome.com
welcome.unibet.nl
www.bet365.nl
www.cssscript.com
www.google.com
www.googletagmanager.com
www.unibet.nl
188.114.96.12
2001:4860:4802:34::36
2606:4700:3033::ac43:c137
2606:4700:3037::6815:8bc
2606:4700::6810:5514
2606:4700::6810:aebc
2606:4700::6810:d40
2606:4700::6811:180e
2606:4700::6812:1634
2606:4700::6812:19bc
2606:4700:e2::ac40:840f
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2002
2a00:1450:400d:805::200a
2a00:1450:400d:806::2001
2a00:1450:400d:80e::2002
2a02:26f0:1700:11::b856:6798
2a02:26f0:dc:38c::f09
2a02:26f0:dc::6853:439
2a06:98c1:3120::3
2a06:98c1:3120::c
2a06:98c1:3121::3
2a06:98c1:3121::c
5.226.179.16
72.246.168.251
85.184.96.0
85.184.96.5
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0eed2c64bcd40d135d8cc923ba8ae9a14ee42d7a4841fd175f2c32f932ea757b
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
167a8ce4c190c493bf9687ca6ab2607ec952c8e197e78935b1c3c7a1e8f341ea
17adc39f434ca0b9dfb981f4dca714a3d602008cb48dc8377f6619c6a6870dba
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
1a91fab46f128a63c74943fe6db7de41509d69ae9f4e36aab9f984cac94fa451
1dda0d2f5a0098e76a0abea2dffaff9dc2bac9c3fa875109c802097d6e5c28c8
1ea2ba27bba2ed6ddbee3b62e160760a77c60b36068500763588f3350840bfe8
236697ea60459d9dd37a6550a42916ece502faaf3c86f93c26b7a4026aa53bdb
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
3effb86ea7f2f9f5f735269dcb9a1cb9cd0f1018dcceb98f1ccc6249a3556056
404e6c7bb9c0bf319071e33091985cd6f050ad9a707534e299d3a6049759c1ad
42167bad6949b1762707914efe5fef8f2532421fb68c1ad124d55d38b75c2080
4349000b1870c7ca01159660b89694708eb777ebc9b14dc6f5add7c4e4d9e5ed
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
512473c04e601c98243af6517fdfbb80ba1f9b93efeff38d6cc80d7ccf2e5f09
5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cada67a9368b5712ff5710d5e4c12f2515da6e70573e71a0535f51718ce235
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
70f988b091e793343634faf5bcc7f7bef4d267de604162d1e9835a433aaac584
71b4a9e5517ea95c75e799d84a14dc442d9dbd6464e4fc7e025e2fb93012ad1c
726d5ed29e17cc0cc484b6de1994b48780dd86aab3989fb9a508efdbd3df0fe8
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
7d2e70a5d3744d26790205413ea32acefe8b94b6a86a31139e886f9b1c698377
7ef061deeceef23cbbff7ca74fcb5c8101e632a5569b095c89b5b9cfb5c2811a
826ad46c6cedd52f8258bdfb0d3113dc9f3da6b885ea2c223b8d5ced3458ebd1
84740c447fdf2517db31ab59de2ae7abf1a6ce574ab20687c67dd5ef6dee9c8e
86fd0b372c7e4dbc6a7d960ea3528bb436d027bbb17bfffd988595940e7c3676
8858611fa56ec1d55dc57e0325e51bda6a454fa3372aaeee29b02c0aa287e2dd
8e9b7c70ed2d8b6be0d9c26d78622cd2996f1d56ebf25ed7d45aa70d6b404f10
996c6d2763ad0bc98678407e2838adc4d7cd26b8c12d0a4816b4f4459f0c684b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a79b49b6c00f172d7a962eb51bbe43f1e7ea4af2bb207af2898cb5749b6e378c
bb461ad12e6f931815042b57a447b64e8d3a06d1576c1f7c79b9c7e5a42a8b34
bd8744b435b002980ba12f7c19622ec41815317d7d8c17f80bea520037a7290b
c2b8a069a79733379e988eb7e6e1504579dc4253d95f55fbe7af1ee4a4282d17
c5374b6c69236b8a580539e48cd33ae0ac89b5ef9f29217cbb8c937e81032668
c7558342e4cd3e4a5b99969856b80d937017311c57ead3480ab8ecb2c3edcf9a
d2268ba1198d26d2aa01f7efaaca910850ca902783fae1019c40d06102b0cc76
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dac6c9b2cef59d1d755ac03b461e83904c6e274dec4669591973fa24824da4d0
daeefc15466ea9cbf12ad023cba26d7e1d5180f74dc7c9079f8542074a94abea
decd6f04cad921d54a6ea7f2aee7b40c0832e5b44c181089a6ea245d6caa3140
e12a89d1750a33e3c2e1d1f63d644a4ddbf1aa167e091fc5fb40e0892e3dfdac
e1dce8507996e574c807484a6a829d7c07a397f48950a728c6873877c211ea87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5201c06e7d648c15f08e3a8037a026611ef8349f2259e239013d81fc89bc27b
e58fcf6224b913574044c517071c4305e882b048daa5fbc96f3fd6dd99c5f530
e7b689e6f2fe5e2b4082c49e608461785760ee6a58f10a751a1385fd5dce91b6
ebb895a9e78cfa6be018b7aaec6de0bae6f0366a043393add067cdbdd2011f2f
ecea9fd901f0e775209188c51d1fce00cb090107eecf9ed05bc13757419eaac8
f4bc09cc8f8b35a4e2a2e7869348e5210cfb9fda9f9bcd21caa33927026e0348
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9ffa44f6c58f4bb206585a83166c6182957a46deff30debdf1a6e21a31a8484
fa01591d65e2c74e745a961db6cad2dc550e99c3cc1326a7611fe19c75e1980b