22bets.me Open in urlscan Pro
178.253.36.3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://umbrellacorporation.id/ Page URL
2. http://href.li/?http://groorsoa.net/4/6634700 HTTP 301
   https://href.li/?http://groorsoa.net/4/6634700 Page URL
   
3. http://groorsoa.net/4/6634700 Page URL
4. http://groorsoa.net/?z=6634700&syncedCookie=true&rhd=false HTTP 302
   https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
   
5. https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
6. https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=dgzJuZkU_2L_isao25FQduumWwKFc8DI5C4vWD3o0Mhh0WFgoqWaACismKb_Qug6aB2Wp3-BQkU56hZ-unQt5tgcTLxP2f5ZA9hTtdfWLP6bKgbVeClHuM4DqYhjTpxX7CC5ev0M5v9lruP6_n6DzXlIsKVqrkj60o9I6URQ9Xuh608pfg_6f48nnVFN6knujmYI5Nus9VUWgdJwu9f-8PmwknBChGhyNicaLll_oY58L9mgygNMw8ZfHv7NOf4pPgqOCfmi4fP_aMFsHftRhGSbXEQEcu6uTttyabiFe3RrwMbGWjaexvt93BFkdjf1NTiUNMkF6on4rCYYYuFnLiOoEHcGJ9lfMYOlvOfLXfv9Sog4-YCuuvxEI-PdkOiDN_lBobv62dGNCZ0-56RlxC2OHTgAdmH-2CoUvDx8pthCYQ7r3hE8WwLBAG9Ra053_ObJYhrf3NNSUZvhS8y409fjkUn1arG-vWnK62lwcGMNzV1l2ScNajv6taT13GXkVtnw0mvFO4UE6l6Vr6w5rBaBUNs79ymondck4wSsaiS63raj6DV06-XWSGB0ltW0hhGHg4VAzKooqJZbaBqPoTkVWhMixZOE0lDqMGY5rzyCxyhu606TgrGjf1-WivkGypfr3kJAyjCbsr5GUtXUiRWB2XlmXExwo6EiYrotzrkyK1nyWRluPl9L4gmiA-9IhIijR57UHH73RORWa3iDaxaPMeQ&oaid=d82e0faa1a7e7bd9daeeda3b35fb538f HTTP 302
   https://plinksplanet.com/click.php?key=5invtnsm87jnjrhy1otc&clickid=2bc8a097-92fb-4583-8d03-679038b7651c&cost=0.0049&PUB_ID=185&SUB_ID=4662728&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2023-11-28&BID_PUB=0.0049&CR_ID=36568&PUB_NAME=Propeller-POP HTTP 302
   https://ad.22betpartners.com/redirect.aspx?pid=39470&bid=1484&lpid=367&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 HTTP 307
   https://link22.world/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 HTTP 307
   https://22bets.me/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 HTTP 307
   https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• http://href.li/?http://groorsoa.net/4/6634700 HTTP 301
• https://href.li/?http://groorsoa.net/4/6634700

Request Chain 50

• http://groorsoa.net/?z=6634700&syncedCookie=true&rhd=false HTTP 302
• https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Request Chain 133

• https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
• https://s2.adform.net/banners/scripts/st/trackpoint-async.js

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response umbrellacorporation.id/	13 KB 3 KB	1053ms 186ms	Document text/html	198.11.182.95 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://umbrellacorporation.id/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.11.182.95 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash cba7d3cab854456988f2ad54690727c9eccc3e83152f67b7d3b5d375b0e0ad2a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 18:14:16 GMT server Apache vary Accept-Encoding
GET H2	200	tag.min.js Show response alwingulla.com/88/	71 KB 23 KB	120ms 42ms	Script text/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alwingulla.com/88/tag.min.js Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8626828a4ee9a6e8577bddb99dd3fe57d266b50a938fd8cd03934185f41b2de7 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:17 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 38632 alt-svc h3=":443"; ma=86400 x-trace-id 14635f6d40700ae2c83bccdbb4ef11e7 pragma no-cache last-modified Mon, 27 Nov 2023 11:31:59 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4KLcpFlmPfFRmKC0Xw6CmLlAfe4wBvH2HI5PxfwfAvEXBKmvQdDOfz1Mi6fEjLZe7rMQKTI7%2FEwoPB0dIr3kYWlwS2uCXpb%2BKy9IOkaKCwVtdHWBrUe%2Fsigz5IUNiSlSA5xyJO8jNtMxps8tA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 access-control-allow-credentials true vary Accept-Encoding timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 82d496f43e861d94-FRA expires Wed, 29 Nov 2023 07:30:25 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	352ms 35ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,700 Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:15:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:17 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 647 B	359ms 42ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:400,700 Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c3c736b80c318c7323b9f2b6a3b2ddd6e78e5aeeed7e9d648c6b1d7e97691024 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:20:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:17 GMT
GET H2	200	1636808300229-Security_system.jpg cdn.templates.unlayer.com/assets/	1 MB 1 MB	147ms 37ms	Image image/jpeg	2600:9000:223e:0:18:22ec:76c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.templates.unlayer.com/assets/1636808300229-Security_system.jpg Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:0:18:22ec:76c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fcef0e44a0282b27705de0c7fe27628695af32ed60f58f8ff54f8f4de0d7ed40 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 21:33:08 GMT via 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront) last-modified Sat, 13 Nov 2021 12:58:22 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 74470 etag "581743f921a7a59434999207d89266d8" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 1330124 x-amz-cf-id cb1sur0DaXKKZM1wWtNUcZOcuyQzUpty6ppTB1_6S-IrWcTH9bQJIQ==
GET H2	200	3327 Show response veepteero.com/88/	3 KB 2 KB	445ms 57ms	Fetch application/json	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://veepteero.com/88/3327 Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9176f8f1b89d6726b6c75733de298f6ba0257caff24d374fbf67e6ab3708562e Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache, no-cache date Tue, 28 Nov 2023 18:14:17 GMT content-encoding gzip accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server nginx access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://umbrellacorporation.id cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	116ms 55ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://umbrellacorporation.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:29:28 GMT x-content-type-options nosniff age 359089 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 23 Nov 2024 14:29:28 GMT
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v29/	47 KB 48 KB	86ms 25ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://umbrellacorporation.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 21:01:37 GMT x-content-type-options nosniff age 508360 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48208 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Nov 2024 21:01:37 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 548 B	152ms 50ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=d3ec9d731a2443acab23f62a3b7995aa Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash df0787f6c05ab9a645a4f4a4ad4236b7e215872e77e233cb39cd4c72a5ef042a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://umbrellacorporation.id access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	tag.min.js Show response ibrapush.com/pfe/current/	13 KB 6 KB	168ms 47ms	Script application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/pfe/current/tag.min.js?z=6189565 Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 18:14:17 GMT content-encoding gzip last-modified Mon, 27 Nov 2023 17:44:23 GMT server nginx etag W/"6564d577-33f4" content-type application/javascript cache-control no-cache access-control-allow-credentials true link <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
GET H2	200	6189564 Show response aistekso.net/401/	87 KB 34 KB	197ms 98ms	Script application/javascript	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://aistekso.net/401/6189564 Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1b60fda213ee49cea84bb3dc51caef753b1534fbeeabb594490b9b3bc68f60de Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 48b326127d61a5383a31c0a431caa888 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	6189562 Show response gishejuy.com/400/	80 KB 31 KB	252ms 147ms	Script application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gishejuy.com/400/6189562 Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9d847909f0cbe7d92dbe75c5c622bdae79a31d82df5b43ce935dacc8f6062997 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id f1d45cf2a402918e5985b4117e0de070 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	1 Show response cameesse.net/	42 KB 16 KB	195ms 99ms	Script text/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/1?z=6189563 Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash f04502ab2a5d389aedd54b10b0fe377f8c30362352a8b2b0375b491f10de0853 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id e256aa72868893e1efa67472ab6155a9 pragma no-cache date Tue, 28 Nov 2023 18:14:17 GMT content-encoding gzip x-sc uSOXgdDzzscGBDTKMh0WX7WbLL3tKe0K943sSj9QEW5UoHZgPgnfePlHLgIKbGM_2k_EK0pyM8_mhl4sj-G08lYGUKY= server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ Show response veepteero.com/	2 KB 2 KB	428ms 85ms	Fetch application/json	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://veepteero.com/?rb=QGndRNzcTZzSL2Km8xbzUNKoZMLM_l7ptMJRECJ9B1ecTgR4FSFaS_rxXDv9UWBxAyiYui194dOrGc-JLAdA7oFoapZTudPUKig_ySIsH8Y9z0uPeJl_NR3nmWzmTVHrOoxh0ZbWBtMV1kS2aC0jQ6Xz6c29q0VyZU8IvK3IpplxACvgkbbO8tC_0K1_CHzGFdByDYQOJ8xK1k1c83pgK3RyRw3jj0WkYOK6GbSKzxBXUIr0fusWQyTdc6SJxqhYZphMjWD7KOMJFP_SxLFoDrVl90d51mA--SeMqw%3D%3D&request_ab2=0&zoneid=6189561&js_build=iclick-v1.633.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fumbrellacorporation.id%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.633.0&bs=3cd88caa-0c37-4b86-acc8-ff0049676b5b&userId=d3ec9d731a2443acab23f62a3b7995aa&m=link Requested by Host: alwingulla.com URL: https://alwingulla.com/88/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1348a278f6e1a5ca8caf9723f406b4a30ddcd110f1b401cedb5f38f7003eba25 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 01c510cf6b4e8a5af9350a51bcd65c07 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://umbrellacorporation.id cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	zone Show response ibrapush.com/	882 B 1 KB	287ms 287ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/zone?pub=0&zone_id=6189565&is_mobile=false&domain=umbrellacorporation.id&var=&ymid=&var_3=&tg=0&sw=3.1.471 Requested by Host: ibrapush.com URL: https://ibrapush.com/pfe/current/tag.min.js?z=6189565 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 773acfeca23630c6f9edd12172aa6b4de94a1c572377fb2c997f74af16d658a8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id 0884d3c53e95426d2b4b37a8d0acdc48 date Tue, 28 Nov 2023 18:14:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://umbrellacorporation.id access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 882
GET H2	200	universal.min.js Show response ibrapush.com/pfe/current/	86 KB 33 KB	140ms 45ms	Fetch application/javascript	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/pfe/current/universal.min.js?v=3.1.471 Requested by Host: ibrapush.com URL: https://ibrapush.com/pfe/current/tag.min.js?z=6189565 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 18:14:17 GMT content-encoding gzip last-modified Mon, 27 Nov 2023 17:44:23 GMT server nginx etag W/"6564d577-1572c" content-type application/javascript access-control-allow-origin https://umbrellacorporation.id cache-control no-cache access-control-allow-credentials true
GET H2	200	b7af9eee900df9a8aa2af9ad8ee46174 Show response cameesse.net/27/	403 KB 128 KB	51ms 50ms	Script application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174 Requested by Host: cameesse.net URL: https://cameesse.net/1?z=6189563 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id 5da13f527afc7d0d0801370a24c2973c date Tue, 28 Nov 2023 18:14:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Fri, 24 Nov 2023 06:46:08 GMT server nginx content-encoding gzip access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control max-age:290304000, public access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Fri, 24 Dec 2083 06:46:08 GMT
GET H2	200	stattag.js Show response tzegilo.com/	19 KB 8 KB	132ms 41ms	Script application/javascript	2606:4700:3036::ac43:c134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tzegilo.com/stattag.js Requested by Host: aistekso.net URL: https://aistekso.net/401/6189564 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:17 GMT content-encoding br cf-cache-status HIT last-modified Thu, 07 Sep 2023 08:19:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 755 etag W/"64f987a8-4a4b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D51bNddf6zqFRDWpgUj2lBbtAMG9k17p9CoGK7xIu5i7ybwSJ0kZfcMF6LBrejFZ9MD8nDPDlwh7jRjLUCY1NaJ5Aek%2BfztSek6IU6kOHAw%2Ftl6gJkw0%2BOAYK9bEmvkk1SK9muHXJL7AqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82d496fa1ff4363d-FRA link <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin alt-svc h3=":443"; ma=86400
POST H2	200	9 Show response cameesse.net/	6 KB 3 KB	46ms 46ms	XHR application/json	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/9?z=6189563&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fumbrellacorporation.id%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=d3ec9d731a2443acab23f62a3b7995aa Requested by Host: cameesse.net URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash df7c4e87634b077ae3c5d4267df4d39103a439fd1fc4bf0507fe368a2ccff551 Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 9091ceae7d8b4566d3fed4bbd63f3f86 pragma no-cache date Tue, 28 Nov 2023 18:14:18 GMT content-encoding gzip server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin https://umbrellacorporation.id access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
OPTIONS H2	204	9 cameesse.net/ Frame	0 0	152ms 50ms	Preflight	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/9?z=6189563&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fumbrellacorporation.id%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=d3ec9d731a2443acab23f62a3b7995aa Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://umbrellacorporation.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin https://umbrellacorporation.id cache-control no-store, no-cache, must-revalidate, max-age=0 date Tue, 28 Nov 2023 18:14:18 GMT expires Mon, 26 Jul 1997 05:00:00 GMT pragma no-cache server nginx
POST H/1.1	200 OK	add Show response fleraprt.com/log/	12 B 492 B	162ms 55ms	XHR application/json	139.45.195.254 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f Requested by Host: tzegilo.com URL: https://tzegilo.com/stattag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.19.10 / Resource Hash 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 28 Nov 2023 18:14:53 GMT Server nginx/1.19.10 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://umbrellacorporation.id Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Content-Length 12
OPTIONS H2	200	custom ibrapush.com/ Frame	0 0	40ms 39ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/custom Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://umbrellacorporation.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://umbrellacorporation.id access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Tue, 28 Nov 2023 18:14:18 GMT server nginx
OPTIONS H2	200	custom ibrapush.com/ Frame	0 0	39ms 39ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/custom Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://umbrellacorporation.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://umbrellacorporation.id access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Tue, 28 Nov 2023 18:14:18 GMT server nginx
POST H2	200	custom Show response ibrapush.com/	39 B 336 B	44ms 42ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/custom Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 0ef328f399ff9db26f7293d546e61447 date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://umbrellacorporation.id access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
POST H2	200	custom Show response ibrapush.com/	39 B 335 B	82ms 82ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/custom Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 19a14e13fcb91e8ed92dca4b614339b0 date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://umbrellacorporation.id access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
GET H2	200	sw.js Show response umbrellacorporation.id/	5 KB 2 KB	191ms 191ms	Fetch application/javascript	198.11.182.95 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://umbrellacorporation.id/sw.js Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.11.182.95 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash 47811d86de4c1cabe57de33a79e81e4105f9ed5316219406968f2e0d06180873 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT content-encoding gzip last-modified Fri, 04 Aug 2023 08:45:48 GMT server Apache etag "1474-60214ec579149-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2382
GET H2	200	6189564 Show response aistekso.net/500/	1 KB 1 KB	129ms 128ms	XHR application/javascript	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://aistekso.net/500/6189564?excludes=&oaid=d3ec9d731a2443acab23f62a3b7995aa&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fumbrellacorporation.id%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&js_build=8&sw_version=v1.311.0 Requested by Host: aistekso.net URL: https://aistekso.net/401/6189564 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash dc6897f333d5eb5202c869aba6e2813e1a38beb1a4224f58897080a822461a05 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 90ef29b39926183fb0de8d01e809e910 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 vary Origin content-type application/javascript access-control-allow-origin https://umbrellacorporation.id access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H2	200	6189564 aistekso.net/500/ Frame	0 0	139ms 46ms	Preflight	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://aistekso.net/500/6189564?excludes=&oaid=d3ec9d731a2443acab23f62a3b7995aa&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fumbrellacorporation.id%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&js_build=8&sw_version=v1.311.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://umbrellacorporation.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://umbrellacorporation.id access-control-max-age 600 allow GET, OPTIONS content-length 0 date Tue, 28 Nov 2023 18:14:18 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
GET H2	200	6189562 gishejuy.com/500/	4 KB 4 KB	64ms 64ms	XHR application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gishejuy.com/500/6189562?excludes=&oaid=d3ec9d731a2443acab23f62a3b7995aa&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fumbrellacorporation.id%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&js_build=8&sw_version=v1.311.0 Requested by Host: gishejuy.com URL: https://gishejuy.com/400/6189562 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 44b69c260c4c2bd60971e0faa87b5159 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 vary Origin content-type application/javascript access-control-allow-origin https://umbrellacorporation.id access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H2	200	6189562 gishejuy.com/500/ Frame	0 0	471ms 370ms	Preflight	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gishejuy.com/500/6189562?excludes=&oaid=d3ec9d731a2443acab23f62a3b7995aa&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fumbrellacorporation.id%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&js_build=8&sw_version=v1.311.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://umbrellacorporation.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://umbrellacorporation.id access-control-max-age 600 allow GET, OPTIONS content-length 0 date Tue, 28 Nov 2023 18:14:18 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
GET H2	200	11 Show response cameesse.net/	0 598 B	52ms 52ms	XHR image/jpeg	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/11?rnd=3243379337&z=6189563&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=rPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4&ruid=7f88ff10-dce3-413e-85ea-600ef9006e27&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fumbrellacorporation.id%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=201 Requested by Host: cameesse.net URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id 8cc2322cc535f5cce3ecd2752c4caa98 pragma no-cache date Tue, 28 Nov 2023 18:14:18 GMT server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/jpeg access-control-allow-origin https://umbrellacorporation.id access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace content-length 0 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ interstitial-08.com/ Frame 02AD	21 KB 5 KB	272ms 79ms	Document text/html	139.45.197.151 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Requested by Host: cameesse.net URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / PHP/7.4.33 Resource Hash Request headers Referer https://umbrellacorporation.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding br content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 18:14:18 GMT server nginx vary Accept-Encoding x-powered-by PHP/7.4.33
OPTIONS H2	200	custom ibrapush.com/ Frame	0 0	49ms 49ms	Preflight text/plain	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/custom Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://umbrellacorporation.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://umbrellacorporation.id access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Tue, 28 Nov 2023 18:14:18 GMT server nginx
POST H2	200	custom Show response ibrapush.com/	39 B 335 B	42ms 41ms	Fetch application/json	139.45.197.250 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ibrapush.com/custom Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://umbrellacorporation.id/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 4f8cd6ab375a01e92add6e25f91263ad date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://umbrellacorporation.id access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
GET H2	200	gid.js Show response my.rtmark.net/	65 B 547 B	55ms 55ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=37845ff54b8f446c9a924d7e11627106&zoneId=6189565&checkDuplicate=true&ymid=&var= Requested by Host: umbrellacorporation.id URL: https://umbrellacorporation.id/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash df0787f6c05ab9a645a4f4a4ad4236b7e215872e77e233cb39cd4c72a5ef042a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://umbrellacorporation.id access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	17ebb869da9235f06a74f528304b0892.png offerimage.com/www/images/	33 KB 33 KB	130ms 41ms	Image image/png	2606:4700:10::6816:20ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offerimage.com/www/images/17ebb869da9235f06a74f528304b0892.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:20ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT cf-cache-status HIT last-modified Thu, 08 Jun 2023 01:30:06 GMT server cloudflare age 56036 etag "64812f1e-84c1" vary Accept-Encoding content-type image/png cache-control max-age=86400 accept-ranges bytes timing-allow-origin * cf-ray 82d496fd1e9691d8-FRA content-length 33985 expires Wed, 29 Nov 2023 02:40:22 GMT
GET H2	200	style.css littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 02AD	12 KB 2 KB	155ms 72ms	Stylesheet text/css	2606:4700:10::6816:1974 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492 Requested by Host: interstitial-08.com URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://interstitial-08.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT content-encoding br cf-cache-status HIT last-modified Fri, 03 Nov 2023 11:42:23 GMT server cloudflare age 2790 etag W/"6544dc9f-30c9" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type text/css access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 cf-ray 82d496fdbf8891d8-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	audible.png littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 02AD	3 KB 4 KB	122ms 40ms	Image image/png	2606:4700:10::6816:1974 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png Requested by Host: interstitial-08.com URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://interstitial-08.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT cf-cache-status HIT age 3669 content-length 3429 last-modified Fri, 03 Nov 2023 11:42:23 GMT server cloudflare etag "6544dc9f-d65" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/png access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 accept-ranges bytes cf-ray 82d496fdbf8a91d8-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	0100657458245.jpeg interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 02AD	32 KB 0	92ms 92ms	Image image/jpeg	139.45.197.151 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg Requested by Host: interstitial-08.com URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT last-modified Thu, 31 Jan 2019 11:14:34 GMT server nginx etag "5c52d89a-d0e0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/jpeg access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 53472
GET		0933414948049.jpeg interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 02AD	0 0
GET		0350025199145.jpeg interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 02AD	0 0
GET		01289039865190.jpeg interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 02AD	0 0
GET H2	200	player.png littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 02AD	28 KB 28 KB	131ms 73ms	Image image/png	2606:4700:10::6816:1974 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png Requested by Host: interstitial-08.com URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://interstitial-08.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT cf-cache-status HIT age 1315 content-length 28527 last-modified Fri, 03 Nov 2023 11:42:23 GMT server cloudflare etag "6544dc9f-6f6f" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/png access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 accept-ranges bytes cf-ray 82d496fdbf8d91d8-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	script.js littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 02AD	1 KB 564 B	130ms 72ms	Script application/javascript	2606:4700:10::6816:1974 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494 Requested by Host: interstitial-08.com URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D4038163063%26z%3D6189563%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DrPKBvkmMZVMmcF7pJ-pB0Oh3JN3kTBk5vzFW-uO3yn_K-sX3WgaKiTtAE2UV60O2kypcNcRgUkDaf99pz0yKh2MQub1GD-Nvvng1ma7mbP_Vv4eKOTSB1s_49tJLSy7pHxxWoXIwHkfm0Pdpg2sc8b0llMfYJmpbCAk4n06wDbW7zK3T6Z7cAx57T09mUgc65SVD_yPE8iwEYxPBZNlhWZ1Ca-5g9BSGSyKngZ-1dovUSFhjQkiqKgqXc3ovs6kLh87juRbNg0DIqQc29qohprU6XNooi5YZFEnLNEIpovfN0nxfX4NqME5iKzK98fS4%26bag%3DydU9kaAfa6I%3D%26ruid%3D7f88ff10-dce3-413e-85ea-600ef9006e27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fumbrellacorporation.id%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://interstitial-08.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:18 GMT content-encoding br cf-cache-status HIT last-modified Fri, 03 Nov 2023 11:42:23 GMT server cloudflare age 1139 etag W/"6544dc9f-58b" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cache-control max-age=3600 cf-ray 82d496fdbf8c91d8-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET H2	200	/ href.li/ Redirect Chain http://href.li/?http://groorsoa.net/4/6634700 https://href.li/?http://groorsoa.net/4/6634700	458 B 362 B	264ms 143ms	Document text/html	192.0.78.26 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://href.li/?http://groorsoa.net/4/6634700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://umbrellacorporation.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=utf-8 date Tue, 28 Nov 2023 18:14:18 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding x-ac 2.hhn _dfw MISS Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Tue, 28 Nov 2023 18:14:18 GMT Location https://href.li/?http://groorsoa.net/4/6634700 Server nginx X-ac 2.hhn _dfw BYPASS
GET H2	200	65650a0c79c40t1701120524r4896.jpg.webp i.cdnfimgs.com/auto/192/q85/image/vk/6783/783/	13 KB 13 KB	106ms 24ms	Image image/webp	45.133.44.37 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.cdnfimgs.com/auto/192/q85/image/vk/6783/783/65650a0c79c40t1701120524r4896.jpg.webp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://umbrellacorporation.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Tue, 12 Dec 2023 18:14:18 GMT date Tue, 28 Nov 2023 18:14:18 GMT server nginx/1.23.2 x-cache-status MISS content-type image/webp access-control-allow-origin * cache-control max-age=1209600 content-length 13314 x-proxy-cache HIT
GET H/1.1	200 OK	6634700 Show response groorsoa.net/4/	30 KB 14 KB	106ms 48ms	Document text/html	139.45.197.245 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://groorsoa.net/4/6634700 Requested by Host: href.li URL: https://href.li/?http://groorsoa.net/4/6634700 Protocol HTTP/1.1 Server 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 8a41a7430f8fde0003841dfc4065c13a1fbefa0a3b20f894c9056ec168592003 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon Access-Control-Allow-Methods GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Origin * * Access-Control-Max-Age 86400 Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf8 Date Tue, 28 Nov 2023 18:14:18 GMT Expires Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT Link <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" Pragma no-cache no-cache Server nginx Timing-Allow-Origin * Transfer-Encoding chunked X-Trace-Id b9bfb7e4bd0ce38b587a0c4642421291
POST H/1.1	200 OK	sftouch groorsoa.net/	2 B 882 B	55ms 55ms	Ping text/plain	139.45.197.245 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://groorsoa.net/sftouch?userId=b711a1b816d446249daf11ff2105e472&z=6634700&p_rid=683635eb-77e8-49fa-849f-6e8439d1856a&p_src=sf Requested by Host: groorsoa.net URL: http://groorsoa.net/4/6634700 Protocol HTTP/1.1 Server 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://groorsoa.net/4/6634700 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Tue, 28 Nov 2023 18:14:19 GMT Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Connection keep-alive Content-Length 2 X-Trace-Id fcc403829a4a2d71fa6064354d66016c Pragma no-cache Server nginx Accept-Ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin http://groorsoa.net Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	img.gif my.rtmark.net/	43 B 490 B	56ms 56ms	Image image/gif	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my.rtmark.net/img.gif?f=merge&userId=b711a1b816d446249daf11ff2105e472&z=6634700&p_rid=683635eb-77e8-49fa-849f-6e8439d1856a&p_src=sf Requested by Host: groorsoa.net URL: http://groorsoa.net/4/6634700 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://groorsoa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/gif access-control-allow-origin * access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 43
POST H/1.1	200 OK	add datatechone.com/log/	2 B 464 B	173ms 45ms	XHR text/plain	139.45.195.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f Requested by Host: groorsoa.net URL: http://groorsoa.net/4/6634700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.19.10 / Resource Hash Request headers Referer http://groorsoa.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 28 Nov 2023 18:14:19 GMT Server nginx/1.19.10 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin http://groorsoa.net Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Content-Length 2
GET H2	200	/ alltopjournal.com/ Redirect Chain http://groorsoa.net/?z=6634700&syncedCookie=true&rhd=false https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb	40 KB 13 KB	158ms 89ms	Document text/html	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash Request headers Content-Type application/x-www-form-urlencoded Origin http://groorsoa.net Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82d497027edf4d8b-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 18:14:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ic5qpF%2FKdFcMnG523vSgRg%2Bw9ONcuBUqm5jV7F2SV3wdtf6XMI5ucnxMAeCxPX5cVUvn8aEvNqZ6NILp2l41oRnbej5gDlfJrbtBs73%2B%2FJ5azLFjJHEYws95RpZktGHceAbntw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33 Redirect headers Accept-Ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin http://groorsoa.net Access-Control-Max-Age 86400 Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 0 Date Tue, 28 Nov 2023 18:14:19 GMT Expires Tue, 11 Jan 1994 10:00:00 GMT Link <https://alltopjournal.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" Location https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Pragma no-cache Referrer-Policy no-referrer Server nginx Strict-Transport-Security max-age=1 Timing-Allow-Origin * * X-Content-Type-Options nosniff X-Trace-Id 8daab919ca6a21f02b021feea9846f69
GET H2	200	gid.js my.rtmark.net/	65 B 544 B	44ms 44ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=d82e0faa1a7e7bd9daeeda3b35fb538f Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://alltopjournal.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	micro.tag.min.js alltopjournal.com/pfe/current/	26 KB 10 KB	57ms 56ms	Script application/javascript	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 18:14:19 GMT content-encoding br cf-cache-status MISS last-modified Thu, 23 Nov 2023 20:42:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"655fb939-697f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KfXvs0EXdAiyeUj%2B5MF7pE8JoRx3dGlpgG%2BhzElicoXXXgwkL7SA9T6kJDfC353bzKlk8O3MnHApX415MiJ3Nj8z6vbXx8iPXhx98H6W5JCKbSATd%2B79xHFkjANQeyuarL9eA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 access-control-allow-credentials true cf-ray 82d497033fdb4d8b-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	327 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ alltopjournal.com/19/4662728/	3 KB 2 KB	63ms 63ms	XHR application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/19/4662728/?abt_opts=1&var=6634700&var3=753430128327143870&ymid=&rhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id 85b75d6a36257803f62e64f91071dc1d pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XK0EuRHPodjLc17VOx9j6vvlp7gVUYZuFhE5jas8YWrUFiiu6zsOTB1vb1mylEJFZn5dzLM6pWiLRCFT8ihnVbrUVN8uwyeClXS6omM4z0rsKgBHOOyZUE18452M293Tq0PDg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 82d497034ff54d8b-FRA expires Tue, 11 Jan 1994 10:00:00 GMT
POST H2	200	/ alltopjournal.com/	2 B 389 B	56ms 56ms	XHR application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gysb%2BPyvFcLQ3uL6YFX3rTpqBKg1zjkWFXVsgxY1iV4BFwHeHqKNX2adGR9Obf7NYRhVap43McfTEJ1d5W%2F18uMGOWICY3x2CdRCJfqlQp27biwaPLuNIQh8oulXF2YaKjdy7A%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 82d497034ffc4d8b-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400
GET H2	200	4662709 alltopjournal.com/sw-check-permissions/	0 881 B	56ms 55ms	Other application/javascript	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/sw-check-permissions/4662709?var=6634700&ymid=753430128327143870&uhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=negb9FWiiDS493xOc%2BiCjSpmJImo9tJ%2FAXYx91lD1xy1MYlEYiXzvtQF%2BBWQ9oVLgZ6XO5wITA8LN99wO3i3C2%2Fjge3sv9FBFBaYyDiQhNo35aEclRtNheXrIvavP3dhQCg3Ug%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cf-ray 82d49703a8624d8b-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400
POST H2	200	zone alltopjournal.com/	0 440 B	54ms 53ms	Ping text/plain	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=alltopjournal.com&var=6634700&ymid=753430128327143870&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id 89cca2e061825ddd0b47dee8cd52c2f9 date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UqZXENX1y13FUFNjvGZpmrXLCTcKvV%2BHWqD2UeD5DLhZiE%2BmygX2icHfN0hBNLMElTYb2NpPRVgQMyebtgm5tTGDSXS6M8nuFxu4%2FRLktcLkfTO1TPvuqAAN8JqkLnQf9X1Bg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://alltopjournal.com access-control-allow-credentials true cf-ray 82d49703a8634d8b-FRA access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	gid.js my.rtmark.net/	65 B 544 B	50ms 49ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=753430128327143870&var=6634700 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://alltopjournal.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H3	200	zone alltopjournal.com/	797 B 1016 B	49ms 48ms	Fetch application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=alltopjournal.com&var=6634700&ymid=753430128327143870&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-trace-id f5a9327cd99cac51bd085c001f49555b server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5XaMLaqfOr7fAtuNV%2BcPUcH9WAZulGUQxk9YlStCV2ThEW0CaTLX0Cm4t9aWr3ndV7ROA4deDtR9Mb6bYwZgbIJmziccPhJxPJ9oGSZM0kjl8Q7tbr2oyXwXc93Pk0D08Y7rg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 82d49703c92ab930-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
GET H3	200	/ Show response alltopjournal.com/	40 KB 13 KB	72ms 71ms	Document text/html	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 488bb738345fcef0a9ba63c69886b4c6c2b5d901ae621647261b6546f3fe3e32 Request headers Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82d4970419ccb930-AMS content-encoding br content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 18:14:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U5NS79bm714K6zFDx5YHPF29uUlZasez8akhmAFzioJ9KBWeHIsw5z7JUPCKE4Qv1Wx7eiA5ZiSH7m5BVrJInnTiWR7%2FJ%2BA%2BA4fbLJJqO75swbE3hv7Oto2Eku0SnX3K5itmw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33
GET H3	200	micro.tag.min.js Show response alltopjournal.com/pfe/current/	26 KB 11 KB	50ms 50ms	Script application/javascript	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 28 Nov 2023 18:14:19 GMT content-encoding br cf-cache-status MISS last-modified Thu, 23 Nov 2023 20:42:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"655fb939-697f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFHNiugeaE0NAqAGqCMKtZ4RkQgFieDM01vP3C2pN8sxhUkksDZynv2FrwJXOr5girqgPIN6JXJBjhe8LgyYEoEmbbLXMTm0WpfQPs7NOWMe8IW0BXBrKo36XwLtngAlp30X4A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 access-control-allow-credentials true cf-ray 82d497049a7eb930-AMS alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	327 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	/ Show response alltopjournal.com/19/4662728/	3 KB 3 KB	50ms 50ms	XHR application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/19/4662728/?abt_opts=1&var=6634700&var3=753430128327143870&ymid=&rhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0044958f6ea27b25c7fc75b489b7ab80ad53c0a684b46290fa146dffb73f170a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id 611177c220d1eab914d58cbbf075223b pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUU6%2Fo1sRXEFnmTWGCr2F7qugBrpTAHTYJ0Am5vNeAj%2BOc4qYiMUevsKfGi8L%2BmCS%2F352XmLZJ3XNemyk09exbypJQKNuvE8H2xtrBmzV4qXomYjQp0i182cmywjv1I00yNGmQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 82d49704aa8cb930-AMS expires Tue, 11 Jan 1994 10:00:00 GMT
GET H3	200	4662709 alltopjournal.com/sw-check-permissions/	0 952 B	112ms 111ms	Other application/javascript	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/sw-check-permissions/4662709?var=6634700&ymid=753430128327143870&uhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ET9y2324RyLQEAhnmrngw19s%2FP1x3W6zU94Zsr2yHJLA6dSdlSuRB%2FNfIHBiV47yDTHzA3UboJe64t1NCbmA%2FNXkTxOBM0En8HbriCS7zL%2BlBQdkB9fUmh6N5nJDQM5ySirjxQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cf-ray 82d49704fadcb930-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400
POST H3	200	zone alltopjournal.com/	0 496 B	56ms 56ms	Ping text/plain	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=alltopjournal.com&var=6634700&ymid=753430128327143870&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id a3f9a7f5b670c55b70ef98aa8b79a1aa date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0elTZuWfFEK2%2FEWdt2T4%2BNZ03Y3k4Te8koYTHoRnkEpstTdYfTMCNSCytmMZvPHMe2YXAjNWMmLFAvZWWVllNeEc%2BtWoDjqSeJiBm4wRIxtHRA%2FPwF4OoG0BPt8GtEPEOkkweQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://alltopjournal.com access-control-allow-credentials true cf-ray 82d49704fadeb930-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	rhd Show response alltopjournal.com/	4 KB 4 KB	75ms 74ms	Fetch application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/rhd?rb=Nqgfpdbrm0XUZ6NB9KyI7RadnDgnB4osH6qfgADBRVAi0ud1CufS9ycEl2C1bR_hdgEPlYsqssKQ2gWGV4pxCLsTNVVD8fiLdKqv8Y8laX12UeB4NdYT6_6nTwL2RslGppgqBeKKPEffMon0wcA6CHqr9k3d8Ggj5YFFMM83b90katXLyH_s-cQylwmqZFHDbhNfJOPxuRnT8BxTU-MojOD1U4x7GVA-UEnCrQwmzDR-jEnaqbzy5VVUyGC-MJa1GBQjkmmjigS75Q0JfmAFdAboHaMWo8wDf01DWsqSYufvfd9jV5U4pGCQ-27zIGdI_X6d0nkN1qr1jKEkhzzzjqAn3e9R-Zagaqoo3x0GDXzL-TgtfWhDrB1hRYTHN1YfqGlP1BmF9u_HwBqOsNWO3BcwdDCTpynsrqm2H-0G9p3JsyrGlIV8axZmbiu0Vbn50-BwgGmjTtGp_nLqdKSwHvCTpAGZjHeL10XxbbcWkICUQciQNq2Re0-hAlU%3D&request_ab2=150020&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Falltopjournal.com%2F%3Fs%3D753430128327143870%26ssk%3D2e1674025c30271d5329edc560481809%26svar%3D1701195259%26z%3D6634700%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Falltopjournal.com%2F%3Fs%3D753430128327143870%26ssk%3D2e1674025c30271d5329edc560481809%26svar%3D1701195259%26z%3D6634700%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6634700&var3=753430128327143870&ymid=&rhd=1&m=link Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3f07c8bc4a169fae23ad85879f57c62c0f17c9abb09f51c276764e13ba94723 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-trace-id 2cae0ea7be578117ee60888f4ddfacee pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXNfO3WpWzm4Nl8qNVUl3xw3WnlsxYWKQyuvC4iNsEp0HxQrhfPptXLF4Xw4F7AMdbsQahMko64q3A12EZ27Gplka%2BqPz6d%2FLRXNDkveMvfsgWAZX71HW%2FYB4y5eWhfoj03BRA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-max-age 86400 access-control-allow-credentials true cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 82d497050b01b930-AMS expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 544 B	59ms 59ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=753430128327143870&var=6634700 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash df0787f6c05ab9a645a4f4a4ad4236b7e215872e77e233cb39cd4c72a5ef042a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://alltopjournal.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H3	200	zone Show response alltopjournal.com/	797 B 987 B	63ms 63ms	Fetch application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=alltopjournal.com&var=6634700&ymid=753430128327143870&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings Requested by Host: alltopjournal.com URL: https://alltopjournal.com/pfe/current/micro.tag.min.js?z=4662709&ymid=753430128327143870&var=6634700&sw=/sw-check-permissions/4662709&uhd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1418be2bede6dc570dd12e34e0e03392eb1e6c8b35e1214c058873cbc8a2df93 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-trace-id 4892536abf99349bc575d77e6c6d6acb server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1VAm6FcZwB%2Fghdw7UNixS%2BV7lTvntm9jOi99lnz5JPYIHLFWLlFrrvQtMoAzQiUt5JJdf4e9utv1ril4CPVRkWR%2Ft0XUlomK397mmYZPrXd%2B93m3vP9xM1IM5hwOQUvBhKgZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 82d497050b06b930-AMS access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept
POST H3	200	/ Show response alltopjournal.com/	2 B 532 B	57ms 57ms	XHR application/json	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.27 Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers accept-language de-DE,de;q=0.9 Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.27 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCswz670tk7II%2FQhwbFggLXq44Sb2XeXRkrmGfkL9OqqjYbtmNvyL9J08fLdPE6vS%2BZLrj0CHlRn4xzP12QZF7YidhqmVzlEdeX1zAaa6sTvnKAtmzmQlATjzm9hHxE%2B4ItTJA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 82d497053b92b930-AMS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400
GET H2	200	Primary Request rebate Show response 22bets.me/de/bonus/rules/ Redirect Chain https://track-eu.trackingtraffo.com/pop/imp?auth=3z7uj5&c=dgzJuZkU_2L_isao25FQduumWwKFc8DI5C4vWD3o0Mhh0WFgoqWaACismKb_Qug6aB2Wp3-BQkU56hZ-unQt5tgcTLxP2f5ZA9hTtdfWLP6bKgbVeClHuM4DqYhjTpxX7CC5ev0M5v9... https://plinksplanet.com/click.php?key=5invtnsm87jnjrhy1otc&clickid=2bc8a097-92fb-4583-8d03-679038b7651c&cost=0.0049&PUB_ID=185&SUB_ID=4662728&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2023-11-28&B... https://ad.22betpartners.com/redirect.aspx?pid=39470&bid=1484&lpid=367&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-All... https://link22.world/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-... https://22bets.me/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-... https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-...	226 KB 47 KB	587ms 586ms	Document text/html	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 772ca762fbe27c99479fd49cb961349decd92f1a65782cd64c2b84dfa7bebffd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, private content-encoding br content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 18:14:22 GMT server nginx server-timing p;dur=412 wf-uht;dur=0.427 strict-transport-security max-age=63072000; includeSubDomains; preload vary User-Agent,Accept-Encoding x-frame-options SAMEORIGIN Redirect headers cache-control no-cache, private content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 18:14:21 GMT location https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 server nginx server-timing p;dur=56 wf-uht;dur=0.222 strict-transport-security max-age=63072000; includeSubDomains; preload x-frame-options SAMEORIGIN x-reason 1079,1015
POST H3	200	cat.php alltopjournal.com/	0 763 B	57ms 57ms	Ping text/plain	172.64.139.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://alltopjournal.com/cat.php?iine=1&userId=d82e0faa1a7e7bd9daeeda3b35fb538f&zoneid=4662728&rb=Nqgfpdbrm0XUZ6NB9KyI7RadnDgnB4osH6qfgADBRVAi0ud1CufS9ycEl2C1bR_hdgEPlYsqssKQ2gWGV4pxCLsTNVVD8fiLdKqv8Y8laX12UeB4NdYT6_6nTwL2RslGppgqBeKKPEffMon0wcA6CHqr9k3d8Ggj5YFFMM83b90katXLyH_s-cQylwmqZFHDbhNfJOPxuRnT8BxTU-MojOD1U4x7GVA-UEnCrQwmzDR-jEnaqbzy5VVUyGC-MJa1GBQjkmmjigS75Q0JfmAFdAboHaMWo8wDf01DWsqSYufvfd9jV5U4pGCQ-27zIGdI_X6d0nkN1qr1jKEkhzzzjqAn3e9R-Zagaqoo3x0GDXzL-TgtfWhDrB1hRYTHN1YfqGlP1BmF9u_HwBqOsNWO3BcwdDCTpynsrqm2H-0G9p3JsyrGlIV8axZmbiu0Vbn50-BwgGmjTtGp_nLqdKSwHvCTpAGZjHeL10XxbbcWkICUQciQNq2Re0-hAlU=&var=6634700&var3=753430128327143870&ymid=&rhd=1 Requested by Host: alltopjournal.com URL: https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.64.139.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://alltopjournal.com/?s=753430128327143870&ssk=2e1674025c30271d5329edc560481809&svar=1701195259&z=6634700&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 28 Nov 2023 18:14:20 GMT strict-transport-security max-age=1 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 0 x-trace-id 9a5d9a4fe3fb80cd22b223e0b194ad6d pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9VLAbTNMGcObiEnMK5ln%2FLxXksmEhAyoHsASS8jJ9%2BHFM1m0chcQzCS0PU3JOk5oJIqEbPz1MiWFOZt0rFZIFY%2BqZ5uC2nZLhyLYDLpr%2FeRj34hQhxIYOOEP18PIG06i8zEcA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://alltopjournal.com cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 82d497089850b930-AMS expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	jquery_pack.js Show response 22bets.me/default/legacy/min_js/	592 KB 175 KB	155ms 133ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/legacy/min_js/jquery_pack.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 6e640cefe92535e10ae5ea7740c127fe1a979295cc1bf491346464e8c521eb96 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:51 GMT server nginx etag W/"64e6f3b7-93e73" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur= expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	main.2c5be3c4ed37055d0eba10dc1841809a.css 22bets.me/styles/css/result/	226 KB 40 KB	93ms 71ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/result/main.2c5be3c4ed37055d0eba10dc1841809a.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash ff414082666a2cd89f9ab365d665ebd6e43f8c94a626bf66674ae54e3a37c9f9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 23 Nov 2023 12:15:19 GMT server nginx etag W/"655f4257-388bc" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.005 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	keyboard.css 22bets.me/default/css/	8 KB 2 KB	86ms 65ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/css/keyboard.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 53abc9a28027bf7eec43e8dc89dca43230f31b3cd60ff093c0d099c8c6afec5c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:42 GMT server nginx etag W/"64e6f3ae-200b" vary Accept-Encoding content-type text/css cache-control max-age=3600 server-timing wf-uht;dur=0.001 expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	jquery_pack.css 22bets.me/default/legacy/min_css/	55 KB 10 KB	91ms 69ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/legacy/min_css/jquery_pack.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash bb63ceb127d03ff6ac88ab94ec8b558d1ab999d39175e6ea4cb4aefbf3a9fb3c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:51 GMT server nginx etag W/"64e6f3b7-dcba" vary Accept-Encoding content-type text/css cache-control max-age=3600 server-timing wf-uht;dur=0.002 expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	css fonts.googleapis.com/	15 KB 1 KB	62ms 41ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic-ext,latin-ext Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 234b5f3744c676dc708c10954a9acfd0a99c1b3eac7776caaf5556285f0f664c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:15:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:22 GMT
GET H2	200	css fonts.googleapis.com/	14 KB 917 B	64ms 43ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,300,300i,700,700i&subset=cyrillic-ext,latin-ext Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 313182bb88231cafe93374dc3287fbc25869b96d3e9986532dc43b587c392010 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:33:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:22 GMT
GET H2	200	libs_js.js Show response 22bets.me/getZone/web_nz/scripts/	632 KB 175 KB	722ms 702ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/getZone/web_nz/scripts/libs_js.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash d97ab74b50aaeabc071eacf52b01813730386e69558843dcc7562de243a16771 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 24 Oct 2023 15:16:08 GMT server nginx etag W/"6537dfb8-9e0c1" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur=0.021 expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	mainengine.js Show response 22bets.me/getZone/web_nz/engine/	386 KB 97 KB	722ms 702ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/getZone/web_nz/engine/mainengine.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 0db83ffca405aec5a233b553be8fc86503e6b36d6c1e62feb7f266e270f0101b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 24 Oct 2023 15:16:08 GMT server nginx etag W/"6537dfb8-6069e" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur=0.013 expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	dictionary_6b9ef741fa2857e92b7bcfe89020fd73.js Show response 22bets.me/genfiles/web-app-v2/dictionary/prod/main/de/	68 KB 28 KB	715ms 695ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/genfiles/web-app-v2/dictionary/prod/main/de/dictionary_6b9ef741fa2857e92b7bcfe89020fd73.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 81b8c3b46eefb920509e5cc50c51e24d505e108773945f0999e369297b2eaae1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Fri, 24 Nov 2023 09:42:04 GMT server nginx etag W/"6b9ef741fa2857e92b7bcfe89020fd73" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur= expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	main.0dbb7992ae4dc1d17d00af7dd4d512eb.css 22bets.me/styles/css/notify/partners/bet22/	810 B 1 KB	54ms 35ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/notify/partners/bet22/main.0dbb7992ae4dc1d17d00af7dd4d512eb.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash f54fb4e2044eec4dc302d2b0809fa24ce79c6edf1a7bce256e50a8fd03c884a4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:33 GMT server nginx etag "64e6f765-32a" content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 accept-ranges bytes content-length 810 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.17bf4c0474568f263e8c29f4d6768493.css 22bets.me/styles/css/registration/partners/bet22/	44 KB 8 KB	87ms 68ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/registration/partners/bet22/main.17bf4c0474568f263e8c29f4d6768493.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 8c575500457561ac0073f86a99f34ef3b7343108b134387e8ad8a93c23e9e24e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Wed, 22 Nov 2023 08:28:51 GMT server nginx etag W/"655dbbc3-af24" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.002 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.0ba88101f1114ec114cb46bfd59edf87.css 22bets.me/styles/css/c-bottom-msg/	2 KB 861 B	84ms 65ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/c-bottom-msg/main.0ba88101f1114ec114cb46bfd59edf87.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash ea6a28cf6118004844e78fffb900823a7b4eb012427dd125bb32d4bcdbe1e700 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:22:51 GMT server nginx etag W/"64e6f73b-717" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.000 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.64e6a30d5657ade2a19103f9485aac1e.css 22bets.me/styles/css/arctic-modal/partners/bet22/	5 KB 2 KB	87ms 68ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/arctic-modal/partners/bet22/main.64e6a30d5657ade2a19103f9485aac1e.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash a71cc2dd6af371ae5e656ad63615abae472c188400716a5c65085a90f519a0a3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:22:46 GMT server nginx etag W/"64e6f736-14ec" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.c190efa3f04612666eb2e62376669bca.css 22bets.me/styles/css/phone-input/partners/bet22/	9 KB 2 KB	85ms 66ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/phone-input/partners/bet22/main.c190efa3f04612666eb2e62376669bca.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 55ba76b5d25b0fd4f12f5310268fb843d829ba41cda67b47d40169ce186207d5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:34 GMT server nginx etag W/"64e6f766-2483" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur= expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.66b5517c90830c4ed5733c06d18b2c89.css 22bets.me/styles/css/popups/modal-phone/partners/bet22/	5 KB 2 KB	85ms 67ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/popups/modal-phone/partners/bet22/main.66b5517c90830c4ed5733c06d18b2c89.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 1ef4de26f7c6fd06f81a88405811a0b895c1654c018bf74c22ebca2acf1ead1f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:36 GMT server nginx etag W/"64e6f768-1486" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur= expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.fd69ef4e1f6efe24f1526ed1ce0cca29.css 22bets.me/styles/css/forgot-password/partners/bet22/	13 KB 2 KB	88ms 70ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/forgot-password/partners/bet22/main.fd69ef4e1f6efe24f1526ed1ce0cca29.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 186f77cd548a55a12484269d0804dd195af30b78ea8c89b45065d4b2c9becd66 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:01 GMT server nginx etag W/"64e6f745-33ce" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.433cc968a3cf5c0f7fd7be63ef668319.css 22bets.me/styles/css/w-express/	11 KB 2 KB	714ms 696ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/w-express/main.433cc968a3cf5c0f7fd7be63ef668319.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 71f6cc4a6f2bfadc7d3dace2a9e0000741ab8977ba0adca648c69b4080288592 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 19 Oct 2023 10:11:06 GMT server nginx etag W/"653100ba-2d5f" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	top-dropdowns-icons_22bet-8d315ab938.min.css 22bets.me/styles/sprites/css/	108 KB 6 KB	714ms 697ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/sprites/css/top-dropdowns-icons_22bet-8d315ab938.min.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash ceb687ce92cabaf70c79323bfa509c32c138cfb18d98622ee098347b57c98666 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 13:14:43 GMT server nginx etag W/"6565e7c3-1b009" vary Accept-Encoding content-type text/css cache-control max-age=3600 server-timing wf-uht;dur=0.003 expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	fontAwesome.9ced57f0524d03e0271d.css 22bets.me/bundle/app/Bet22/Desktop/	30 KB 7 KB	714ms 697ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/fontAwesome.9ced57f0524d03e0271d.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 9bf80c384803fe6c49abfe594c84556c3af802e539c6655532a2b334deb04b28 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-7908" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.003 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.7e44ff52a2ea5cd82719db68a89703aa.css 22bets.me/styles/css/coupon-modal-old/partners/bet22/	12 KB 3 KB	713ms 697ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/coupon-modal-old/partners/bet22/main.7e44ff52a2ea5cd82719db68a89703aa.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash a6c761bb2a7d7be606f0e5f30e8b37b077bd74f2ae39d9560de86d79b00dcba9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:22:53 GMT server nginx etag W/"64e6f73d-2fd0" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.003 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	css fonts.googleapis.com/	11 KB 860 B	57ms 41ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:33:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:22 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 739 B	70ms 54ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700&subset=cyrillic,cyrillic-ext Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:30:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:22 GMT
GET H2	200	main.fe4193f27455718238531132d4961c9b.css 22bets.me/styles/css/global/	13 KB 3 KB	711ms 696ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/global/main.fe4193f27455718238531132d4961c9b.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 46c5d36df47ffd070e7f1eb80d56bc50538833aa18997628c1b92e1c8a534bc4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:04 GMT server nginx etag W/"64e6f748-320c" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.003 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.88cccdf7f6eab0922be175a4cbc355a4.css 22bets.me/styles/css/header/partners/bet22/	115 KB 18 KB	716ms 701ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/header/partners/bet22/main.88cccdf7f6eab0922be175a4cbc355a4.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash f10670888b7a071e34ace0f1492c4add1384e02c54edb4f06ebf6cd066e05230 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 21 Nov 2023 09:19:48 GMT server nginx etag W/"655c7634-1ca4a" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.007 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.63d095ba6cb73c03ddd780bc2dc09a09.css 22bets.me/styles/css/footer/partners/bet22/	92 KB 14 KB	714ms 699ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/footer/partners/bet22/main.63d095ba6cb73c03ddd780bc2dc09a09.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 6fdee006954e75b84a78e121c11df05e4624d7b976653c1494821ed06fcc2a4a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 23 Nov 2023 08:30:24 GMT server nginx etag W/"655f0da0-171f7" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.003 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.2a41f7a4df03eec9a99d1ea065dc3367.css 22bets.me/styles/css/menu-left/partners/bet22/	98 KB 16 KB	714ms 700ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/menu-left/partners/bet22/main.2a41f7a4df03eec9a99d1ea065dc3367.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash d1e6a2a0a01910ba3ee65ed208862f7d5246b57b364e88833089a8d11a473299 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Wed, 08 Nov 2023 10:11:54 GMT server nginx etag W/"654b5eea-1886b" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.004 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.47e2f9b7c75870627425b8f576881642.css 22bets.me/styles/css/popup/partners/bet22/	172 KB 30 KB	714ms 700ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/popup/partners/bet22/main.47e2f9b7c75870627425b8f576881642.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 46684f6a46249898b2a4239ff29ff93cc4a68b80ebad55bf5ad8bc335fea3777 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 23 Nov 2023 12:15:15 GMT server nginx etag W/"655f4253-2b125" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.005 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.06a50302e7488420ff07849f2e71f957.css 22bets.me/styles/css/column-right/	21 KB 5 KB	711ms 698ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/column-right/main.06a50302e7488420ff07849f2e71f957.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 8bd0d1cb74bf3450fceaf57d93c0f91e40727eba71d5bc68a1576c6c4fd091db Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 23 Nov 2023 12:14:33 GMT server nginx etag W/"655f4229-5559" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.003 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	scoreboard_game.5aab40bd45360a8174c212ef102a51e7.css 22bets.me/styles/css/old_styles/	241 KB 33 KB	714ms 701ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/old_styles/scoreboard_game.5aab40bd45360a8174c212ef102a51e7.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 2cde14d4eca23085f39951faffd47b6409dea4d0d16149c787058233248c801f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:34 GMT server nginx etag W/"64e6f766-3c4a9" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.006 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	filters.a72253c120568ae897ceb06e9da0fc46.css 22bets.me/styles/css/old_styles/	21 KB 4 KB	708ms 698ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/old_styles/filters.a72253c120568ae897ceb06e9da0fc46.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 6bece2b260209ce3e0bbeddb11807c7a5a347060c479101c6e69e0996e9803f8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:33 GMT server nginx etag W/"64e6f765-549d" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.002 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.8ffd8252af982cff0106564af5e5b688.css 22bets.me/styles/css/new1x2/partners/bet22/	46 KB 8 KB	708ms 698ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/new1x2/partners/bet22/main.8ffd8252af982cff0106564af5e5b688.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash a7ed1625622ccdf3e634450f19608f7d2713002a75d46845aa46a2c6aed1a377 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Wed, 22 Nov 2023 12:00:29 GMT server nginx etag W/"655ded5d-b77a" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.002 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.61b01f94a27b1b46ec69cbe71afcbbfb.css 22bets.me/styles/css/sportstream/	3 KB 1 KB	707ms 698ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/sportstream/main.61b01f94a27b1b46ec69cbe71afcbbfb.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 1736340f9e4359539673febe1c169645c5f479a46488832173faaebeda441d89 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:50 GMT server nginx etag W/"64e6f776-b95" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.002 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.a82cf2d6ac86a9abbbb304a6752e37b6.css 22bets.me/styles/css/bet22/	628 KB 89 KB	711ms 702ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/bet22/main.a82cf2d6ac86a9abbbb304a6752e37b6.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash bfd7ad3c2ae7c00d9965c8b7d88b2ff4211437950f7073376b25ec24231d9e66 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Mon, 27 Nov 2023 09:59:35 GMT server nginx etag W/"65646887-9ce8d" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.012 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	main.27eab30d79f96c0a9bcae87eb5aad3be.css 22bets.me/styles/css/messages/partners/bet22/	6 KB 2 KB	708ms 699ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/messages/partners/bet22/main.27eab30d79f96c0a9bcae87eb5aad3be.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 104fdf82407542d409fdec2ef8a7f8b579948f3228da0e7bfcfbc49deaa88976 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:16 GMT server nginx etag W/"64e6f754-1676" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.002 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	vendor.f98438d5639b93639ac7.js Show response 22bets.me/bundle/library/	402 KB 113 KB	704ms 695ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/library/vendor.f98438d5639b93639ac7.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash b2207546d084746dd412f6a593eca729abaecba298cd46a018954e7e8fc8fa85 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Mon, 20 Nov 2023 12:45:00 GMT server nginx etag W/"655b54cc-64620" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 server-timing wf-uht;dur= expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	polyfill.cb36922bcf62aa991a8f.bundle.js Show response 22bets.me/bundle/app/Bet22/Desktop/	82 KB 28 KB	709ms 701ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/polyfill.cb36922bcf62aa991a8f.bundle.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 0e684bfe9a4e24bceb0e525f3d8831edf1580aaff12bd231aee1e097a669eb10 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-14938" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 server-timing wf-uht;dur=0.005 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	polyfill.7687c517a241de6e490bd1dc769a038c.js Show response 22bets.me/default/min_js/	2 KB 1 KB	708ms 700ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/min_js/polyfill.7687c517a241de6e490bd1dc769a038c.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash f94ff3c33c8b835ffb4486901ff1ab168c383e39551449b924abf15a80cc2ec9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:30:36 GMT server nginx etag W/"64e6f90c-9fd" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur=0.003 expires Tue, 28 Nov 2023 19:14:22 GMT
GET H2	200	fontAwesome.865c9c052f7dd38e27d3.bundle.js Show response 22bets.me/bundle/app/Bet22/Desktop/	1 KB 849 B	707ms 699ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/fontAwesome.865c9c052f7dd38e27d3.bundle.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 9a014b0b57422647f29f5416081215b7561be15500353885a3a8acd76fc074e0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-470" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 server-timing wf-uht;dur=0.003 expires Wed, 29 Nov 2023 18:14:22 GMT
GET H2	200	css fonts.googleapis.com/	27 KB 1 KB	49ms 42ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b13d4ba577f8a1e50ca84576732bd47c5608583931791b476d06bf7bed513585 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 16:42:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:22 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 685 B	50ms 42ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300&subset=cyrillic Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash beb04f1763490f02f9d2d42a52e9b0fb8034a206b7237516bbaf0168eda54a27 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 28 Nov 2023 18:14:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 Nov 2023 17:24:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Nov 2023 18:14:22 GMT
GET H2	200	69c5fba8763e25104c4b57be540b9ec9.png 22bets.me/genfiles/cms/pg/151/images/	8 KB 9 KB	709ms 701ms	Image image/png	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://22bets.me/genfiles/cms/pg/151/images/69c5fba8763e25104c4b57be540b9ec9.png Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 9368bfc36f658e8caa9ce2d56b148853fba086149352acd8c2a927ecc75d0ba8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 11 Apr 2023 22:55:39 GMT server nginx etag "1810891e30687e4182f93d7ef490fe1b" content-type image/png access-control-allow-origin * cache-control public,max-age=120,s-maxage=600 server-timing wf-uht;dur=0.009 accept-ranges bytes content-length 8602
GET H2	200	visa_blue.svg 22bets.me/default/img/	737 B 957 B	707ms 700ms	Image image/svg+xml	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://22bets.me/default/img/visa_blue.svg Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 624d8fc5bbb76343fcabea8cd70f29287c8f7f35a8dd4923594daff3f9b870dd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:22 GMT strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:50 GMT server nginx etag "64e6f3b6-2e1" content-type image/svg+xml server-timing wf-uht;dur=0.003 accept-ranges bytes content-length 737
GET H2	200	mastercard_ic.svg 22bets.me/default/img/	2 KB 2 KB	75ms 74ms	Image image/svg+xml	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://22bets.me/default/img/mastercard_ic.svg Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 6004685f933946d3f31607e7320945bbacf7b235cac57b7fa859574d2028a5a1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:48 GMT server nginx etag W/"64e6f3b4-732" vary Accept-Encoding content-type image/svg+xml server-timing wf-uht;dur=0.000
GET H2	200	dci_logo.jpg 22bets.me/default/img/bet22/	6 KB 7 KB	73ms 72ms	Image image/jpeg	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://22bets.me/default/img/bet22/dci_logo.jpg Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash c69af71b2c3bceacea794eb1df2aee01d862e7242b32b5ce099616f1e34f68ef Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:45 GMT server nginx etag "64e6f3b1-1931" content-type image/jpeg cache-control max-age=60 server-timing wf-uht;dur= accept-ranges bytes content-length 6449 expires Tue, 28 Nov 2023 18:15:18 GMT
GET H2	200	discover_logo.jpg 22bets.me/default/img/bet22/	8 KB 9 KB	33ms 29ms	Image image/jpeg	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://22bets.me/default/img/bet22/discover_logo.jpg Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 26b2e57089ecb46a460bc14fa6492633cfa353f15753b6fde5f245761431ecc5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:45 GMT server nginx etag "64e6f3b1-21d6" content-type image/jpeg cache-control max-age=60 server-timing wf-uht;dur= accept-ranges bytes content-length 8662 expires Tue, 28 Nov 2023 18:15:19 GMT
GET H2	200	cookie.js Show response 22bets.me/default/js/	1 KB 847 B	35ms 31ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/js/cookie.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 536ee79f1bc35fbd1bb6ed7377073877c9784dbc010510ea06a9092b8b8be8f9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:50 GMT server nginx etag W/"64e6f3b6-4c9" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur=0.001 expires Tue, 28 Nov 2023 19:14:27 GMT
GET H2	200	pushfree_integrate.9a1f2b0e6801b7590698.css 22bets.me/bundle/app/Bet22/Desktop/	10 KB 2 KB	29ms 27ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/pushfree_integrate.9a1f2b0e6801b7590698.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 88971183592efb1d6cc059da99bdf474e7a29b2f92944ee21b576729a72bcc90 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:15 GMT server nginx etag W/"6565fedb-28a6" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:27 GMT
GET H2	200	common_22bet.5f95987c58f148c17c67.css 22bets.me/bundle/app/Bet22/Desktop/	11 KB 3 KB	392ms 391ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/common_22bet.5f95987c58f148c17c67.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 60daa42ab587c5cf56bd621d06731c01dffd1c5e27507f596270edadd5895ac5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-2aef" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:27 GMT
GET H2	200	sports-icons-5c5dca4c5a.min.css 22bets.me/styles/sprites/css/	84 KB 4 KB	392ms 392ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/sprites/css/sports-icons-5c5dca4c5a.min.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash acafc938adbae92702edac4e3c1c716d9625b85198db1a8f2f25e7a1da8c490e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 13:14:41 GMT server nginx etag W/"6565e7c1-15118" vary Accept-Encoding content-type text/css cache-control max-age=3600 server-timing wf-uht;dur=0.001 expires Tue, 28 Nov 2023 19:14:27 GMT
GET H2	200	auth.5ae046b0d524266398a9.css 22bets.me/bundle/app/Bet22/Desktop/	5 KB 1 KB	28ms 27ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/auth.5ae046b0d524266398a9.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 8fa5c113fce5a2d548055a063ed8a11c2d1f92e9648983d6c81736402f1dc8c8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-125b" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:28 GMT
GET H2	200	main.87bdbd85d95d357713bb177a79785879.css 22bets.me/styles/css/auth/	23 KB 4 KB	28ms 28ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/auth/main.87bdbd85d95d357713bb177a79785879.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash e9206dde8f9a22c9693ce0eb9902d65464b97cd51c73c53443b8561569bb7138 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Wed, 18 Oct 2023 08:05:22 GMT server nginx etag W/"652f91c2-5cad" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:28 GMT
GET H2	200	main.de2c9f04b8cf4e99a931bee40959c190.css 22bets.me/styles/css/popup-doublewin/	10 KB 2 KB	31ms 27ms	Stylesheet text/css	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/styles/css/popup-doublewin/main.de2c9f04b8cf4e99a931bee40959c190.css Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 1d762488b7468d0016f89d6ce52f28ac60043601de3ca39043b7a1ad2d86b68d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:23:34 GMT server nginx etag W/"64e6f766-27bb" vary Accept-Encoding content-type text/css cache-control max-age=86400 server-timing wf-uht;dur=0.001 expires Wed, 29 Nov 2023 18:14:28 GMT
GET		pushfree_integrate.8b7a7f9ad9f789f2a04f.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	0 0
GET H2	200	vendorF.fdab15d1ea8a96dc0753.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	273 KB 0	64ms 60ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/vendorF.fdab15d1ea8a96dc0753.bundle.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:15 GMT server nginx etag W/"6565fedb-514eb" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 server-timing wf-uht;dur=0.010 expires Wed, 29 Nov 2023 18:14:28 GMT
GET		registration_common.a7b0eb98c73b594e21dd.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	0 0
GET H2	200	modalInformation.b2f2949545c97c344de5.bundle.js Show response 22bets.me/bundle/app/Bet22/Desktop/	351 KB 103 KB	89ms 86ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/modalInformation.b2f2949545c97c344de5.bundle.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash bd49372e43c2f8c195a9d057332e13e8c40fc0556e95c2ad19af88f3e574df0b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-57d24" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 server-timing wf-uht;dur=0.010 expires Wed, 29 Nov 2023 18:14:28 GMT
GET H2	200	linksToMobileApps.cef7cc9af977d955efd6.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	321 KB 0	273ms 270ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/bundle/app/Bet22/Desktop/linksToMobileApps.cef7cc9af977d955efd6.bundle.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 28 Nov 2023 14:53:14 GMT server nginx etag W/"6565feda-519c6" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 server-timing wf-uht;dur=0.012 expires Wed, 29 Nov 2023 18:14:28 GMT
GET		common_22bet.dadab19cb3372898dcd7.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	0 0
GET		bonus.ab00c93a811f90809da0.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	0 0
GET		menu22.7cb831c41c2dd9aaad96.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	0 0
GET		auth.7792d5332fdb37d49d9e.bundle.js 22bets.me/bundle/app/Bet22/Desktop/	0 0
GET H2	200	jquery_pack.js Show response 22bets.me/default/legacy/min_js/	592 KB 175 KB	1545ms 1545ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/legacy/min_js/jquery_pack.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 6e640cefe92535e10ae5ea7740c127fe1a979295cc1bf491346464e8c521eb96 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:24 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:51 GMT server nginx etag W/"64e6f3b7-93e73" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur= expires Tue, 28 Nov 2023 19:14:24 GMT
GET H2	200	trackpoint-async.js s2.adform.net/banners/scripts/st/ Redirect Chain https://a1.adform.net/serving/scripts/trackpoint/async/ https://s2.adform.net/banners/scripts/st/trackpoint-async.js	40 KB 0	399ms 34ms	Script application/javascript	37.157.2.249
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Server 37.157.2.249 -, , ASN (), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:28 GMT content-encoding gzip last-modified Tue, 23 May 2023 09:56:34 GMT server nginx x-amz-request-id tx00000a56da2566bc5e761-00646c8ee1-32957f68-default etag W/"f937ab3eef01c118930b200e5087d00d" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-rgw-object-type Normal cache-control public, max-age=604800 Redirect headers location https://s2.adform.net/banners/scripts/st/trackpoint-async.js date Tue, 28 Nov 2023 18:14:28 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx content-type text/html
GET H2	200	hotjar-1152929.js Show response static.hotjar.com/c/	9 KB 4 KB	134ms 38ms	Script application/javascript	52.222.139.116
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1152929.js?sv=6 Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.116 -, , ASN (), Reverse DNS Software / Resource Hash 10df183438a55571749e2fb8cc45465f96562547e48d82357002263199d2d2a2 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:20 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 9fce949f3749407c8e6a75087e168b46.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 age 8 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/7fa8f49792d954155cde0b7d4d61f81e vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 x-amz-cf-id 0mBLeanOl7B4tDmmxWm23SPHxLaRfrsuEC3U17HAgx3TpQt7ILx0-g==
GET H2	200	jquery_pack.js Show response 22bets.me/default/legacy/min_js/	592 KB 175 KB	39ms 38ms	Script application/javascript	178.253.36.3 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://22bets.me/default/legacy/min_js/jquery_pack.js Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.36.3 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC), Reverse DNS Software nginx / Resource Hash 6e640cefe92535e10ae5ea7740c127fe1a979295cc1bf491346464e8c521eb96 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 18:14:27 GMT content-encoding br strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 24 Aug 2023 06:07:51 GMT server nginx etag W/"64e6f3b7-93e73" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=3600 server-timing wf-uht;dur= expires Tue, 28 Nov 2023 19:14:27 GMT
GET BLOB	200 OK	61ee9214-3282-40d9-a343-a1acae74b152 https://22bets.me/	3 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://22bets.me/61ee9214-3282-40d9-a343-a1acae74b152 Requested by Host: 22bets.me URL: https://22bets.me/de/bonus/rules/rebate?btag=875789_F72105899F9D4B78B178268E522C6A7F&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&utm_term=Ubidex-22bet-DE-Reg-pop-AllPromoSport2&subid=4b4e5g6pma52t363 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 03214c49262a897ec00a96e9602a1e8ed694c2bfc263b98595e0edb4aa00b631 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 2868 Content-Type text/plain
GET		flags-sprite.svg 22bets.me/default/img/	0 0
GET H2	200	modules.28e3191d8757c557b4b7.js Show response script.hotjar.com/	227 KB 57 KB	162ms 76ms	Script application/javascript	13.227.219.120
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1152929.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.120 -, , ASN (), Reverse DNS Software / Resource Hash 77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://22bets.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 14:01:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 447202 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 57395 last-modified Thu, 23 Nov 2023 14:00:23 GMT etag "1ab24a53e715dcb189ab626bacc0e88b" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id dH7GnE_b24I7XvCgjumPHTHxRECBNMb3mdT1dM6vv24qqzT5BsVxZA==
GET		clock.png 22bets.me/default/img/bet22/	0 0
GET		info.png 22bets.me/default/img/bet22/	0 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	35ms 33ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://22bets.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:29:28 GMT x-content-type-options nosniff age 359100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 23 Nov 2024 14:29:28 GMT
GET		fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2 22bets.me/bundle/app/Bet22/Desktop/static/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

interstitial-08.com

URL

https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg

Domain

interstitial-08.com

URL

https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg

Domain

interstitial-08.com

URL

https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/pushfree_integrate.8b7a7f9ad9f789f2a04f.bundle.js

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/registration_common.a7b0eb98c73b594e21dd.bundle.js

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/common_22bet.dadab19cb3372898dcd7.bundle.js

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/bonus.ab00c93a811f90809da0.bundle.js

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/menu22.7cb831c41c2dd9aaad96.bundle.js

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/auth.7792d5332fdb37d49d9e.bundle.js

Domain

22bets.me

URL

https://22bets.me/default/img/flags-sprite.svg

Domain

22bets.me

URL

https://22bets.me/default/img/bet22/clock.png

Domain

22bets.me

URL

https://22bets.me/default/img/bet22/info.png

Domain

22bets.me

URL

https://22bets.me/bundle/app/Bet22/Desktop/static/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2