urlscan.io logo urlscan.io
SecurityTrails logo

www.desteptarea.ro Open in urlscan Pro
2606:4700:3037::ac43:98f5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.desteptarea.ro/
Effective URL: https://www.desteptarea.ro/
Submission: On January 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 4 countries across 26 domains to perform 220 HTTP transactions. The main IP is 2606:4700:3037::ac43:98f5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.desteptarea.ro.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.
This is the only time www.desteptarea.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 39 2606:4700:303... 13335 (CLOUDFLAR...)
13 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 104.20.95.138 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 8 2606:4700:440... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 16 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.84.174.117 16509 (AMAZON-02)
45 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 172.217.16.194 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.207.250 16509 (AMAZON-02)
2 4 142.250.74.198 15169 (GOOGLE)
1 2 37.157.2.247 198622 (ADFORM)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
1 35 2606:4700:440... 13335 (CLOUDFLAR...)
1 3.127.187.60 16509 (AMAZON-02)
5 35.190.43.134 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 37.157.6.232 198622 (ADFORM)
1 2a03:2880:f17... 32934 (FACEBOOK)
220 32
1    2606:4700:3032::6815:40a7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.desteptarea.ro
39    2606:4700:3037::ac43:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.desteptarea.ro
13    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
5    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
sender.cleverwebserver.com
lp.cleverwebserver.com
call.cleverwebserver.com
21    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gml-grp.com
16    2606:4700:4400::ac40:9754 (United States)

ASN13335 (CLOUDFLARENET, US)
promos.betano.de
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    52.84.174.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-117.cdg50.r.cloudfront.net
dd.betano.de
45    2606:4700:4400::6812:28b3 (United States)

ASN13335 (CLOUDFLARENET, US)
landingpages.kaizengaming.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
4    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
12738953.fls.doubleclick.net
2    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
35    2606:4700:4400::ac40:934d (United States)

ASN13335 (CLOUDFLARENET, US)
visuals.kaizengaming.com
1    3.127.187.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-187-60.eu-central-1.compute.amazonaws.com
api-js.datadome.co
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
80 kaizengaming.com
landingpages.kaizengaming.com — Cisco Umbrella Rank: 242409
visuals.kaizengaming.com — Cisco Umbrella Rank: 238670
1 MB
40 desteptarea.ro
www.desteptarea.ro
608 KB
21 gstatic.com
fonts.gstatic.com
496 KB
17 betano.de
promos.betano.de — Cisco Umbrella Rank: 816201
dd.betano.de — Cisco Umbrella Rank: 530547
263 KB
15 wp.com
i0.wp.com — Cisco Umbrella Rank: 3696
stats.wp.com — Cisco Umbrella Rank: 2723
pixel.wp.com — Cisco Umbrella Rank: 2679
381 KB
8 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 29111
ui.cleverwebserver.com — Cisco Umbrella Rank: 30174
sender.cleverwebserver.com — Cisco Umbrella Rank: 46087
lp.cleverwebserver.com — Cisco Umbrella Rank: 50659
call.cleverwebserver.com — Cisco Umbrella Rank: 30865
94 KB
6 adform.net
s2.adform.net — Cisco Umbrella Rank: 7060
track.adform.net — Cisco Umbrella Rank: 5048
35 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
12738953.fls.doubleclick.net — Cisco Umbrella Rank: 724601 Failed
4 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 922
tr6.snapchat.com — Cisco Umbrella Rank: 1368
1 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
377 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 98
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
14 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 12954
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
94 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6518
563 B
2 gml-grp.com
gml-grp.com — Cisco Umbrella Rank: 61278
2 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16730
c.statcounter.com — Cisco Umbrella Rank: 10394
15 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 datadome.co
api-js.datadome.co — Cisco Umbrella Rank: 4769
408 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1260
18 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
535 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
11 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 3198
553 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
220 26
Domain Requested by
45 landingpages.kaizengaming.com code.jquery.com
landingpages.kaizengaming.com
promos.betano.de
40 www.desteptarea.ro 2 redirects www.desteptarea.ro
35 visuals.kaizengaming.com 1 redirects code.jquery.com
visuals.kaizengaming.com
21 fonts.gstatic.com fonts.googleapis.com
16 promos.betano.de 1 redirects lp.cleverwebserver.com
promos.betano.de
code.jquery.com
13 i0.wp.com www.desteptarea.ro
5 www.googletagmanager.com www.desteptarea.ro
promos.betano.de
www.googletagmanager.com
4 track.adform.net 2 redirects promos.betano.de
4 tr.snapchat.com sc-static.net
promos.betano.de
4 12738953.fls.doubleclick.net www.googletagmanager.com
4 lp.cleverwebserver.com www.desteptarea.ro
lp.cleverwebserver.com
3 bat.bing.com www.desteptarea.ro
bat.bing.com
promos.betano.de
2 adservice.google.com 12738953.fls.doubleclick.net
2 a.mgid.com www.desteptarea.ro
promos.betano.de
2 connect.facebook.net www.desteptarea.ro
connect.facebook.net
2 s2.adform.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de www.googletagmanager.com
promos.betano.de
2 www.google.com 1 redirects promos.betano.de
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 gml-grp.com 2 redirects
1 www.facebook.com
1 tr6.snapchat.com sc-static.net
1 api-js.datadome.co dd.betano.de
1 sc-static.net www.googletagmanager.com
1 www.googleadservices.com 1 redirects
1 dd.betano.de promos.betano.de
1 cdn.jsdelivr.net promos.betano.de
1 code.jquery.com promos.betano.de
1 s.w.org www.desteptarea.ro
1 call.cleverwebserver.com www.desteptarea.ro
1 region1.google-analytics.com www.googletagmanager.com
1 sender.cleverwebserver.com 1 redirects
1 pixel.wp.com www.desteptarea.ro
1 c.statcounter.com www.statcounter.com
1 ui.cleverwebserver.com www.desteptarea.ro
1 scripts.cleverwebserver.com www.desteptarea.ro
1 www.statcounter.com www.desteptarea.ro
1 stats.wp.com www.desteptarea.ro
1 fonts.googleapis.com www.desteptarea.ro
220 40
Subject Issuer Validity Valid
desteptarea.ro
GTS CA 1P5		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
promos.betano.de
Cloudflare Inc ECC CA-3		 2023-09-11 -
2024-09-10		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
dd.betano.de
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
landingpages.kaizengaming.com
E1		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-23 -
2024-01-21		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3		 2023-10-10 -
2024-11-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://www.desteptarea.ro/
Frame ID: 01BDB8A61ED47AB69B6FF22184C06CD1
Requests: 88 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
Frame ID: FF6D5F8D4B7789400C1151086333465B
Requests: 4 HTTP requests in this frame

Frame: https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 2AE9D9A3658C1D91EA662E34F1BBFC3A
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Frame ID: 4C8FE84AE52E5DD7AE333AD74DF4ED26
Requests: 87 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Frame ID: AEE370CB0E1E15308A13500037167533
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 8E0F26838BCA5A006982FD30DCEAA861
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CJmyx5ur3YMDFQhNHgIdxi8KqQ;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F
Frame ID: 0E234F1224CD46CC46A7DD3951DB8CDE
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Frame ID: 8679F5ECF759476C872E605C429FEF20
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Frame ID: 01F3B214E775AEB3682FEEF29375D1A7
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Frame ID: F796F1C05EC4E99C262DAE090EEEE026
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=b2baa976-c517-4ae3-b4ae-229b028b72b2&u_sclid=41df7d34-8fed-40dd-aff8-33d44224c879
Frame ID: 9E8FB73A73EF72468D39E6E8E893114A
Requests: 1 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 8C3EF8851927A077749FA090D70101B4
Requests: 2 HTTP requests in this frame

Frame: blob://https://visuals.kaizengaming.com/b5bcb02e-cc69-4eb6-b406-f3162ebf97f6
Frame ID: CEAE17247D1D079502C6526AE9891010
Requests: 1 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Frame ID: A11B8E1DD926BB948225BA1F4F93AC29
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Desteptarea - Deșteptarea Bacău - Liderul presei băcăuane!Desteptarea - Deșteptarea Bacău - Liderul presei băcăuane!

Page URL History Show full URLs

  1. http://www.desteptarea.ro/ HTTP 301
    https://www.desteptarea.ro/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

220
Requests

95 %
HTTPS

65 %
IPv6

26
Domains

40
Subdomains

32
IPs

4
Countries

3697 kB
Transfer

7394 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.desteptarea.ro/ HTTP 301
    https://www.desteptarea.ro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://sender.cleverwebserver.com/group/51407?id=773743&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&ruri=&r=875317643&tok=33419711310201791433&t=1705251054&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00&ts=0.204 HTTP 301
  • https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
Request Chain 76
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 85
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE&AutoR=1 HTTP 302
  • https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Request Chain 110
  • https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 117
  • https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=7xCkZdSyOuCTiM0P2du0wAg&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx3ZLQ2I HTTP 302
  • https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx3ZLQ2I&is_vtc=1&ocp_id=7xCkZdSyOuCTiM0P2du0wAg&cid=CAQSGwAvHhf_-5fWAlqiMtEkUh-RYwP3wZ1WvoI4kg&random=2724395461 HTTP 302
  • https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx3ZLQ2I&is_vtc=1&ocp_id=7xCkZdSyOuCTiM0P2du0wAg&cid=CAQSGwAvHhf_-5fWAlqiMtEkUh-RYwP3wZ1WvoI4kg&random=2724395461&ipr=y
Request Chain 118
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CJmyx5ur3YMDFQhNHgIdxi8KqQ;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F
Request Chain 134
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826 HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Request Chain 135
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826 HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Request Chain 186
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 187
  • https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 301
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 188
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=15082624390&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=15082624390&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

220 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.desteptarea.ro/
Redirect Chain
  • http://www.desteptarea.ro/
  • https://www.desteptarea.ro/
643 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b62548e368be44df597b5ccb496b52a6ab34d146a13b1588c8650b0c325ab1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
845761720e8b3612-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Jan 2024 16:50:54 GMT
link
<https://www.desteptarea.ro/wp-json/>; rel="https://api.w.org/" <https://www.desteptarea.ro/wp-json/wp/v2/pages/393290>; rel="alternate"; type="application/json" <https://www.desteptarea.ro/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REZCsqhNVkfi%2BhfbElNHwQKJHUGs3VmqccGyjqegrKehgZkAPoyf%2BIFZvBHI7OjaVuVXeHxDR1O%2BhHFKIJ9SJZJ6RrY30HSCGB9bOtXDyaTlLQSJXuXIHU07G8m8N2B68%2FRcutVJk2FZbw7A1VXaoBM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
84576171cfa21909-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 14 Jan 2024 16:50:54 GMT
Expires
Sun, 14 Jan 2024 17:50:54 GMT
Location
https://www.desteptarea.ro/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1LKORRjthA5W%2B1Ag0SmMmIQr33bXlwwt5c7cyYlOk%2BotFqukfoSNcSYn3yY%2Bnl1vn6tK5Cbo6VSNW%2Fm4zDl7loMR2Bzfd8rptc30qilt7Mik86dqkSRoSnA74ECd%2F7VknEmqCFEGJtK%2BGGoJJfcCrA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
4rhaG7_VJSIAwSXpZSYd8KfBxYo.js
www.desteptarea.ro/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/apps/head/4rhaG7_VJSIAwSXpZSYd8KfBxYo.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b696652d817d82744bb5a64a9e78cd1e029b3364f0881e9d9ad1ce28fc7e6003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-amz-version-id
jHOGQm8TIVSv2ijk8liUcFX3rXfSLesM
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TDZ7B2SWHV2C5GS6
age
3842490
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IqqCOl22UFWPkKpiIbF62m0qGu3aryjYC3cFusN9JqerMRxNCbUxL5ppwgnBpLoGHaW8jEaPHEE=
last-modified
Thu, 22 Jun 2023 16:47:20 GMT
server
cloudflare
etag
W/"72ed5df38f5354e8471fbf6bb70721d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VMii1lWlsMLOvORWD0frHWXaAK0Ek5SwIX9Ln5Lixonz5MUzOb7ks1gB7Eh4xRWab1KSAqZSIS3pKw%2BX4e39eRHHdnMbWlqqtSkCT51VtXfZ%2FXT1acpJcL5x3Zjl4Wfw%2FJPGE2DH1GL0mAgoOxrs1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
84576172ff8a3612-FRA
jquery.min.js
www.desteptarea.ro/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Nov 2023 20:48:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5428732
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Sgu2X8wfSC5Sphv03uakj3hPkfV0wHUQs%2BWnWXOYhMi5wFog%2FQk5vd2d8mFtEAvSEUFkz4nbK4ZQ%2FtuI1JlFEnBDz%2BQ7oNW0Nl8sk2%2F4UYs8JRqzpBXCd7p5bD4Sg3LvsChX1iXtsZe1%2B9WJXfxwcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576172ff8d3612-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Nov 2024 02:52:02 GMT
casa.jpg
www.desteptarea.ro/wp-content/uploads/2023/12/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2023/12/casa.jpg
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5203e80b3c2052f6e01718d37241ca1bcc261ac5dcdab29cfe7255c2e4a2b227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3476761
alt-svc
h3=":443"; ma=86400
content-length
74999
last-modified
Tue, 05 Dec 2023 10:54:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX4Jhfmp6ntxVyfGxjYJDn0yzSo%2Fs0Vk2Jm%2BKSYwFBHbom5U%2B6%2F9M8KroMXrTasBaz06kbRRwughvQQFJbtkooK6%2FA6NbeM5hdqQCW%2Bc8777AEWkTk35RI9jyoaC0iIzLMcOxHdLCn5JwVBgLbbZnVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84576172ff913612-FRA
expires
Wed, 04 Dec 2024 17:04:53 GMT
cap-desteptarea-nou.gif
www.desteptarea.ro/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2023/10/cap-desteptarea-nou.gif
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bd571ea670c264efcd43b8c6377b499d34cf2fe10fe4202dfdb2a3890e7885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5744847
alt-svc
h3=":443"; ma=86400
content-length
20523
last-modified
Mon, 30 Oct 2023 13:58:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FsEfcgSkxsoGoQl4oTZnJqNFNvY%2BL%2Fsd7SRZXRt5WFkK8J55n3nAo9UU%2BGXxdkvXTABXewlMTO9S3zhB0sbcOPkz6kvoyMM%2BKzGS6Zyi5mW4Jilsda4aniCfAzuC%2Fwb5Vg0zQ3AkrB1h7vg8j4ZAxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84576172ff943612-FRA
expires
Fri, 08 Nov 2024 11:03:27 GMT
logo.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/02/logo.jpg?w=340&ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
523762d6589fbd8cdf6ae37fedb69e5c53aa492691908a78531e6417b87d6873
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
4038
x-nc
HIT ams 1
last-modified
Sun, 02 Jul 2023 21:51:21 GMT
server
nginx
etag
"768f3944cf4733ee"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2020/02/logo.jpg>; rel="canonical"
expires
Wed, 02 Jul 2025 09:51:21 GMT
wt-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2020/11/wt-1.jpg?w=400&ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
83e2cad04c8ef32b86de276e74364c2476e9b1634ddb687ecdb9da3b5479db67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6954
x-nc
HIT ams 3
last-modified
Sun, 02 Jul 2023 21:51:21 GMT
server
nginx
etag
"6b4c198a38d0cb8e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2020/11/wt-1.jpg>; rel="canonical"
expires
Wed, 02 Jul 2025 09:51:21 GMT
bU9EAJ3XsHjFh_SszCFXVHtihLg.js
www.desteptarea.ro/cdn-cgi/apps/body/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/apps/body/bU9EAJ3XsHjFh_SszCFXVHtihLg.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/cdn-cgi/apps/head/4rhaG7_VJSIAwSXpZSYd8KfBxYo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc4f867a343a82689f30c1224ab9afbdaebd5207e037fc77b99de31425cba91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-amz-version-id
V0ZzOf2UC_5mKiMWw.K23gJpIxOaSara
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DRGN592MY02MX3QW
age
5752305
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4bgHjsyzYOGunQ0MVhKAaGdEi0UFmsIcpChCN3BEMxto5Z5tVIJjTm8Uj/0Y5W9zLUFlectquOU=
last-modified
Thu, 22 Jun 2023 16:47:20 GMT
server
cloudflare
etag
W/"8516c352499a582d2b0658b93c1f4ca1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKZUIokhfE2ZZjw1PycDYsC9tnAmaSbAPfPy%2FRgjQryu6cIAr5GoH18ONMAS7aTDfoiAM8JRp%2B2KoQ%2BxZOkXM6Opee80KFd12Y5OD4vxSIhDdhAr4M0YopfpTl15YNDYEs954PEukIkJqsCYRuIWvmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
845761733fc63612-FRA
mediaelementplayer-legacy.min.css
www.desteptarea.ro/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Dec 2020 06:13:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1902096
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR2yeElDu3MRYy0lN75V6Oc4%2FrCLvYz%2Bsonue0ZRcbj6Jkpf66iPM9bssrvEAHE%2FQXZVoI0Mkzb2DNgpOQhBzSGc1E8G%2F3AMLY1jg6iHg8CSQJy1D%2BP5Sry332CrcIOA19aRq5nA%2BHk1jSQVAxzczz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fcb3612-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Dec 2024 22:29:18 GMT
wp-mediaelement.min.css
www.desteptarea.ro/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.2
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Nov 2019 09:43:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1902096
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdPuQ%2FrbQ3ILL9bXMJkwy0aAW9TdSWPx48QuJDd7M2Oqb1um9DFHmk0mYXa7R2zc4D9idMXha0zVVGjNeI9HQKHcMW%2BN9w2TsaQpfOdu4%2F2xujS5Qgq9QyOhLFBFga%2BGPmIBtA40abn1VcgTuBlDsk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fcc3612-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 22 Dec 2024 22:29:18 GMT
style.css
www.desteptarea.ro/wp-content/plugins/td-composer/td-multi-purpose/ 		38 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1986132
cf-polished
origSize=38728
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlAk1aRsyfWkQLVJLPY3o4wPbazuRvog9z98MFFe1dTm%2FSxgc7A0%2FUbSlF%2FKEnF2xoTAGOsX5Ad3tmCvwrv1CAIh%2BbkwXG2dbeVgymOWdZgWeuJSyng9GRjfeynteRREvjYSxG%2FVOurKcJazhkp8et8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fce3612-FRA
expires
Sat, 21 Dec 2024 23:08:42 GMT
css
fonts.googleapis.com/ 		41 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
890de6bda19513dfccb36d66c3551c4d3ff55f47ca9f65def1f8551c7c1543e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 16:50:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 16:50:54 GMT
font-awesome.css
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91d91bb1ca4c7eb188fbf2d6529173468f3e12b75aabd4ef301710815901626

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1985158
cf-polished
origSize=43832
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpsvCPyiAD3dyv%2Foufrarbrl7CWZtD0ZMBUibQizI%2Bbc48zHE5hVsgEn3q%2BVA5ZRMyWoL6MSo3l5PEI%2FnCR9OG8tSGQVOjJepcIZkZgpLhVarRQd4BRKMCvet%2F3vM4YukSX%2FGe5A1%2FL6mN8pLGJsavw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fcf3612-FRA
expires
Sat, 21 Dec 2024 23:24:56 GMT
typicons.css
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0f19d05c31552677c3717dd15e46d2d42903c8ffaa00adeece91c45c19665f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1984652
cf-polished
origSize=26679
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuORia3MaVuYasYP0o5HTdxq2z2LMJvwDVPZmmHYygLWjzy2p%2FCjtVLjX5SwQ767Of109iID66sPv2BAMnEf3dagcVgtYKoz3aBM388ZqNJ%2FZCNjPibgfPP4vwvsqzCN2EMKLa%2FrN2GalnDXhT8V9PY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fd23612-FRA
expires
Sat, 21 Dec 2024 23:33:22 GMT
td-multipurpose.css
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab43d4bb1bcdb0f183d0df005eb940e8dcfa4e6a1f3ec11d72bd51fa8eb5ac93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1984652
cf-polished
origSize=12001
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2ZNrVIAyASWt3ITS1FuZoQjzD8wM3SkIUM0nZlNKRfa4aDN7vHS%2FxPx%2B88bSEx6ndN%2Bjf%2Bcni4NYDIgN0dFl2ctn%2FkApzWeqIr7XQxmNQL6ZEd3mmL1XnLf3tMXU8Fq1ae5gzGf46RYx6JQAxlL3bA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fdd3612-FRA
expires
Sat, 21 Dec 2024 23:33:22 GMT
style.css
www.desteptarea.ro/wp-content/themes/Newspaper/ 		112 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/themes/Newspaper/style.css?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8e252ca4e5d2d5e9ed4b681995105f525e35bab43539d099d4eb50ba345902

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
722370
cf-polished
origSize=157014
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jXCyfUSpFX%2BC%2FOD9y3ppC%2B6inHNSjyRjziQfTTvx%2BV4jZAortlK77927HJzaTH2Pj8BqFEjYV7F0Xf5qarwMP869YRrQbdCyxRzbs9ThjhhgqYBgrEcYd6RVjV0ZCpthwjU56UtkmyEDFuTl%2FV%2FtRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fe03612-FRA
expires
Sun, 05 Jan 2025 14:11:24 GMT
td_legacy_main.css
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		136 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84c2b7321ad8eb40f83e070818c856e6ce0081e36bcb0c052cdc20ab9dfaaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
401555
cf-polished
origSize=170492
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vB8PBDCqMhHi4rvO3GtvPxvN5Qyl%2FsO0dxj68n%2BdMxwiaUANUNl2xg9MxaLLGtzCf7l2tpuYzxcCeNFPpZs%2BmHHFmvXgATLH6E2b2sEg7sTZZwHA4PGmJG3IJ3jmt45x%2FnmDk1nuiz30hyIV0F5O034%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fe23612-FRA
expires
Thu, 09 Jan 2025 07:18:19 GMT
td_standard_pack_main.css
www.desteptarea.ro/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		571 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=ced655a2648d3677707c9e7999346fb6
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171b52327c92328999d34a6409855714238bcbf554c4367b08e72fb5c80ff5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1984652
cf-polished
origSize=734250
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPsI1e4QXdqJ%2BVIbDqLy%2F2s3Ep6b6qsMzjbttI0WbfvwUG2sc5yWKwqRYtzkZIrqpT0ZYg%2FZrD5Ez1Je1o%2BC59y6lDGllRQN2%2FFgW63ytgXjFU7B20OSB1gXrqv%2FjmzCULRe%2BDoVIvr1N25pfjPNQ4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fe43612-FRA
expires
Sat, 21 Dec 2024 23:33:22 GMT
tdb_main.css
www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=6cc04771d778c6f460cf525df52258a3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afcc663536de33d814d9d34e095d967c24ce211d814f8957ff9ff313bea37693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1985154
cf-polished
origSize=48163
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qupHZJtBKEeCsnVjSJuxsx6FMP%2BrY%2FESrhdvS5s8W6th6MP6cSFGukPu2WqUl9PlBc2zltUokzk5pKEkKPWJm0JpG66Ah7tbyDdML6WZ%2BIwgOdnQnwC8UnqFL%2BeP7huDE8nwKdVKu9Yu5%2Bbi1MSzKaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fe53612-FRA
expires
Sat, 21 Dec 2024 23:25:00 GMT
jetpack.css
www.desteptarea.ro/wp-content/plugins/jetpack/css/ 		99 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/jetpack/css/jetpack.css?ver=13.0
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
345d30bfda363b5caab40c08fd96746739a9c5be673a0887cc4d16fc264132af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199400
cf-polished
origSize=101629
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 09:27:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsEZbslThVFcdISdiS71xfAvXRFcfAonsX3ojcQ6ufCBopAk2t3D%2FXml84ZTC4zQuCkr1IISlNGZeO1jO%2FgBjgIrH94aIv2pjT5jNCLCKSw0%2BAmetennRqUdd7g60Ob64AvNNAz1hMnDer8QZNK%2FgmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761733fe83612-FRA
expires
Sat, 11 Jan 2025 15:27:34 GMT
1c73afb47337c10c4899f15a56bc8ff6-jpg.webp
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2022/11/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2022/11/1c73afb47337c10c4899f15a56bc8ff6-jpg.webp?ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
8834768897bb19af020b5c6afbbf0f981c17f4c15c444925c5a70348347fcb20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
40798
x-nc
HIT ams 4
last-modified
Sun, 02 Jul 2023 21:53:01 GMT
server
nginx
etag
"77246de89b739d1b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2022/11/1c73afb47337c10c4899f15a56bc8ff6-jpg.webp>; rel="canonical"
expires
Wed, 02 Jul 2025 09:53:01 GMT
SAL.png
www.desteptarea.ro/wp-content/uploads/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2022/08/SAL.png
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ac9b215d2e2d8b8330b9f3bf9f87aabad95656aadaec0796915794b566007d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164261
alt-svc
h3=":443"; ma=86400
content-length
3669
last-modified
Fri, 26 Aug 2022 16:02:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ilWeM%2BewtM720kGjHMEvmVV0hc9kpAkoYozQ%2FNq62B2CfMVJ5SaYQOeRlfrmaqGwpz5w4qVs0f81r8Kzq06324Lse1RQHK1Fsfcapz2Tp8dMq5yl62BKVES2Xi%2BJh%2FS2rA8R0X3aabrkfuJiIfFNX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
845761733fc73612-FRA
expires
Sun, 12 Jan 2025 01:13:13 GMT
SOL.png
www.desteptarea.ro/wp-content/uploads/2022/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2022/08/SOL.png
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30afaa4f3695ec3d2b03c378dd7d3aa49aad4b9ca26ec08fd7f32822a32a8655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164261
alt-svc
h3=":443"; ma=86400
content-length
2826
last-modified
Fri, 26 Aug 2022 16:02:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6hyeajCP8RrBuTsDOHNzQifcJ%2Bq8dsvgEaahyuyHGzpBG036MUTGEzIBeeSWwNIPW%2BouPW%2BqbFqUbRtM%2BznsP4D0XOU0xiaJVJsxfzB5z9K0AxP5F43V4HZe5jfddnCRKSpqniceLnXT7Ms%2BBoTxuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
845761733fc83612-FRA
expires
Sun, 12 Jan 2025 01:13:13 GMT
ban-ZIAR-COM-160x133-1.gif
www.desteptarea.ro/wp-content/uploads/2023/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.desteptarea.ro/wp-content/uploads/2023/07/ban-ZIAR-COM-160x133-1.gif
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39fb09590a254d659b848446fe21a9155c886420fd119cd42e140ff5e8c09c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3839906
alt-svc
h3=":443"; ma=86400
content-length
9610
last-modified
Sat, 01 Jul 2023 06:11:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZFw1lAdr6gt3N2KvM83kKZIlETh6pRyY%2BQc59HO1w43ConD79S5YzDYnJBWHHuNBNRT0nRiJuxVLuy6oCAIvsG4TZvu%2BIAd%2Be9NbGWCcX7aXugImWcMmYq%2Fgq4nishPEXzrbY%2FA%2BDk8FXFZ0G%2BBM6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
845761733fc93612-FRA
expires
Sat, 30 Nov 2024 12:12:28 GMT
jquery-migrate.min.js
www.desteptarea.ro/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/jquery/jquery-migrate.min.js?m=1692891375
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 15:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3922746
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clccx1k3NVBnlGi38%2FyGwhdeqa2SNEhqchmnAGCcq9IrEDjsHXdtBTggxcNh0smUYtzfwtnrDbN2Umy7HL2d3V5UEKEcKvsys58pBIwd%2BevCoKj3nIgjtKSfXHXyemU5%2BN99enTA3YlUS8SmMVx14Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761732fbd3612-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Nov 2024 13:11:48 GMT
truncated
/ 		145 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67748f8cd5f52677bbeb04e15eadf694f50793e7b7f015607c5d1a78b2ccd2aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6669d5e7c502e78f47641fdc65a7490656d7b0e567cf155e7f51df8d750c378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
rss.png
i0.wp.com/www.desteptarea.ro/wp-includes/images/ 		520 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-includes/images/rss.png?resize=14%2C14&ssl=1
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d01bd8a88346497a1af35f635c4ce5a9b976b72d6400336bb7cb4bd283640a0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
520
x-nc
HIT ams 2
last-modified
Wed, 20 Dec 2023 13:31:27 GMT
server
nginx
etag
"c36669b537ee79e1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-includes/images/rss.png>; rel="canonical"
expires
Sat, 20 Dec 2025 01:31:27 GMT
/
www.desteptarea.ro/_jb_static/ 		157 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/_jb_static/??-eJx1jk0OgjAQhW/jSjpggq6IN/AKZGgntaV/tgOE21sXuNLVy/te8uXBlhoZA1NgSG7RJhSwxAnlfOS4UlAxAy4cPTIbeSyN8aipkSqAMoXhW4UtZ/hhRpUjIxM4M2XMO9jXQnkXBxfSGTlzrm7K/ySsKvIpFsrgSKPc4UFbSZgqsHVHrcw68pM8CW8+Z+5+6G5t3/bd9dKf5DR0by5qXHY=
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52af4a707c20f15281abce98cd9e58502a98a466ce2896e977afe34c2b6a2f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jan 2024 09:27:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-page-optimize
cached
etag
W/"b48f4128f1566fbb97d5569ef6931178"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7lGZxVbmvv7o6sXkzE%2BPuTl16G36A94pDsUPLFn6zkyp5OWdnGwo3Esxy3c5Zv%2Ft1Se8SjFXdt%2Fg0QOJRCP0eTUBi8h2yaOxT%2BsicnF2KF0sQzHAM9FO5m%2Bb51CxRAJ4N04kXwkaGuvXizMjf5YfY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de816fe8-CDG
alt-svc
h3=":443"; ma=86400
tdPostImages.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5820bab8388c31b58a24f1930839b761838e25f2fb62bf01defe79682df91434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2418127
cf-polished
origSize=2449
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHJIYVA01%2Bnjr2W7s9eCZHzDIjwM%2BI8PYySqsaWZ4BiaaxYSkmQMykwh792iAdFWFKM9YAqcFxKmaY%2FYV6rvfJv3nyQvt1iJDg4xC7ZxB4j7Bqrm2acKQExX8uSaXXrBeDWPOQH4m1zb49Jw7YjUOr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de866fe8-CDG
expires
Mon, 16 Dec 2024 23:08:47 GMT
tdSocialSharing.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?m=1702832914
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8ab1a0ac9c26942bdc4e0ecc6813dde09c8fcf4a026e646c9e298ac14df58f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2417562
cf-polished
origSize=2632
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bz9f8CWQEQ7RxqcsX4dRVBidnqwNH0%2Fg7UGERtmbV6jhJQYz4jVka5T1Z2AlumXGjCcHvuLXtnmrQK%2FkxCWopdGPUnxQCG3p0Xtd%2Fn3zigtEMQ7CJ3FdiB7BxeU3GxQz7RTq67qKjGO4dhs95ZNZK0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de896fe8-CDG
expires
Mon, 16 Dec 2024 23:18:12 GMT
tdModalPostImages.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2245285a8ccda188395559d75e32d8450f722c98cf130079efe9a404a16c7107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2417562
cf-polished
origSize=8892
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzsGSKoX8Ruz0UAq4DOw4FeMRLeFdjeCLRGIte77FZfRbCwTsG8gJforNLx9wsqULL6rdCM388kNGor3fU3Xoc2sDA36YGOgyO1VtePMckm3DBZe%2BbZVMkULs5OQrCPtgej2zUC2WXfijnuF8HdYjgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de8d6fe8-CDG
expires
Mon, 16 Dec 2024 23:18:12 GMT
comment-reply.min.js
www.desteptarea.ro/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/comment-reply.min.js?m=1654688950
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Jun 2022 11:49:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3937130
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGP3v4Ff%2B3byzHBRUIoswtrgz8hPWVTpF1yLXrgHWf8vz2p5elt%2BgHr1z4BTQ0ohizujZHosaQIozZ7gkN0E2pm0u02wj7K0wTJJ9ji759o3KUYY6xkeLOxW08GplGwMHRRoPWzz4uawVR4f6EvVYjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de8f6fe8-CDG
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Nov 2024 09:12:04 GMT
e-202402.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202402.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402358485.9985
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 06 Jan 2025 16:24:07 GMT
js_files_for_front.min.js
www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?m=1702832921
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 17 Dec 2023 17:08:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2418107
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuLyQL98vEo7mKxEOsbmC%2FiJsiKgIuhXXK5dXKs14TQydAlEsuKo6ChMTJSKZMSZnA9vndceHNOhMd7dYWwCCkaLSbej39snssd2JWkd1pHDytQuRSnvdbROJqGf4G%2BXewH9PwA0ygPXF06c%2FAZiUcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de916fe8-CDG
alt-svc
h3=":443"; ma=86400
expires
Mon, 16 Dec 2024 23:09:07 GMT
counter.js
www.statcounter.com/counter/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Jan 2024 13:46:21 GMT
server
cloudflare
age
1139
etag
W/"65a142ad-a313"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
84576173ec0a2c73-FRA
expires
Mon, 15 Jan 2024 04:31:55 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X1VRQ4MQEN
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d29ae6e3e6f760d831dda3eab40c8a2199648e651b7f3583738ecf604c957834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86714
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 16:50:54 GMT
tdLoadingBox.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6902c494f155dafcadfb24f795da7ccf627052547d66b35053ca3582a78ffb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2417562
cf-polished
origSize=2670
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0zFAAw7piddEjhpihe2eO3LQDiVPmKDypzfjqZT2q8bfxdFeDGVq1nikAWVluj0VYsO2bIkk7R3Q5kT93YQojedTep9OLCB8W9nb6oyTDuBBS6dXoYcNtSOUnJVKvIqMHKI14q0ycrPGfmfifkMH74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de966fe8-CDG
expires
Mon, 16 Dec 2024 23:18:12 GMT
tdbMenu.js
www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=6cc04771d778c6f460cf525df52258a3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c62d99354195470e5b00ea8c9590bfc5810e78bf2e16fd72ae60785c19e0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
764094
cf-polished
origSize=10781
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BITJKBA2MxP8ou1258AK2iCd0TBiQ4P89tIthSjXL5Xp7Dlj7cYlMxVLhnkAP9LY9do32eALRIKev%2FyrHyBzShJDBnhiclfzSlkM%2BlrHkn83z97fhEjV%2F1lv2MXyVbHMOrTniLGSMYYfKD5hOxtzTAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de9a6fe8-CDG
expires
Sun, 05 Jan 2025 02:36:00 GMT
tdAjaxSearch.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b4bce0dc726ddd349280159514b9ac13d37c849a04fba5b2e6c7fadef98aa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2417928
cf-polished
origSize=6145
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT5I5rimDpWU5bqoHholCJECAvK5R54czAgGQURAD1XpjC8wRzZmJIy0Imkw9iov3MMijcnS2KkXLMHdb%2BoC7zOKW0Hg7Ay8VeV7yp6C%2FaZVNmu8Pio6iVV1hq74kAR0jK5gocQMXiqsspnnD0UwUHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de9d6fe8-CDG
expires
Mon, 16 Dec 2024 23:12:06 GMT
tdInfiniteLoader.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b11c68015534cd3b9cdab77a80b64731487de92658f9786cd907794ba48c09a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2417562
cf-polished
origSize=1874
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bpt6of9E9TZNIK5I041447gzuqNxCeq9dNacZ%2BZvVGdTSHgmTwAxqdea3VdsI3C6kj%2BHzjiaCyeDSq%2B0%2B%2FGrtOD%2F0GVT2YF5vOqxXT1TXb9Fql%2FToDE78867CJE%2Fm2JOTVLD7SggmumCUSnTsc1ObG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de9e6fe8-CDG
expires
Mon, 16 Dec 2024 23:18:12 GMT
tdSmartSidebar.js
www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.3
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38793abd47e804032b94c26bb34ed5ee269d88a71dafe447498536523146c8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2417562
cf-polished
origSize=9716
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 17 Dec 2023 17:08:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXLj%2FDUejzf0j0OheCN2BtOdZRozX0MyrUv7ujfCDX9skfxW09ynpnck5Jwjnb6xZxDwkpoaTIc7xRLJKPdCQwIRi%2BFUbOprpoD1xz7R4iya3baenE46z2zjWOLsZI6RV2eNDY6Spyn5uS2QdweTGvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
84576173de9f6fe8-CDG
expires
Mon, 16 Dec 2024 23:18:12 GMT
98948610-2dee-4dd4-95e1-40971b43e549
https://www.desteptarea.ro/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.desteptarea.ro/98948610-2dee-4dd4-95e1-40971b43e549
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
fab9ab356b6af7e8d3ec672601ce11f2.js
scripts.cleverwebserver.com/ 		130 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/fab9ab356b6af7e8d3ec672601ce11f2.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1df83f5da497d02441ee7898515886d42aa8f18e0f9cf38e110d6b470f15763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
x-amz-version-id
aeNc2S1CKGcNQ.wF2Be0vBhBJwIq7mPL
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Dec 2023 17:12:54 GMT
server
cloudflare
x-amz-request-id
PPD9PXZSET8JBQK7
etag
W/"cf4a5c550451cd97ecc2cc53f77072e1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
845761744a802c37-FRA
x-amz-id-2
3hBMDJrvguV4H1n1c9ssb/RM3mUl8Za2WinKDmhPzYQ/oeq8Ga+FpVeY91NrnU7bkRpYVhIiA6w=
expires
Sun, 14 Jan 2024 17:20:54 GMT
truncated
/ 		430 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
newspaper.woff
www.desteptarea.ro/wp-content/themes/Newspaper/images/icons/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/wp-content/themes/Newspaper/style.css?ver=12.6.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23

Request headers

Referer
https://www.desteptarea.ro/wp-content/themes/Newspaper/style.css?ver=12.6.3
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3839936
alt-svc
h3=":443"; ma=86400
content-length
33904
last-modified
Sun, 12 Nov 2023 10:50:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFl627Ogo84%2Brk2M103SMykwe%2F%2F66bW4XSa%2BZeyqNbFFQqIzjCa%2FClSKHwUd9EuDFs8fLEiT7kYvAK5MG%2BLbVlx19wwGmjdIja5%2FgpeYqfDE49PxMzWiNqIdzIBcyID8G0I37%2B2tjVUlXzPyQ5ZX90c%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
845761743f4d6fe8-CDG
expires
Sat, 30 Nov 2024 12:11:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
297791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:07:43 GMT
fontawesome-webfont.woff2
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4097599
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Sun, 12 Nov 2023 10:50:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZQ2HokDycFWZvwqJ%2BCvVR4H9kSjGSDGYhWEfWHLeVm60M8fyLOKXTU7GJuD4wf%2BkcvxBkdb5%2Fm79L6lfKfOuZ1cs5ANvVabs6opZptsHI7K8mQ0nn%2F6BPOfUHOIZIz79pX95Frph6spdL%2FAF2f3VMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
845761743f596fe8-CDG
expires
Wed, 27 Nov 2024 12:37:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
459640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:10:14 GMT
typicons.woff
www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.woff
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2430aad2b6a33948dc064cfaee8ad65ff9e3ca439834f3aaa84abec3d10dea8

Request headers

Referer
https://www.desteptarea.ro/wp-content/plugins/td-composer/assets/fonts/typicons/typicons.css?ver=6e115e4f3fd55dfd38f44cc142869bd1
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5078914
alt-svc
h3=":443"; ma=86400
content-length
59872
last-modified
Sun, 12 Nov 2023 10:50:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkstbMFth%2FAL9utgySOs5IWQ7WTgr%2FrdhDU3PzVCjNFWcrzccU2JgfWtQoZTeE8TQ%2FR3UbJLO%2BFA8jqnEGDu6fs3BgZ%2BYZOuUbJ8ldk7oR9oSqlBGuG2NWjS7vAgkt3xtr4x43Dt1%2FU2FcqesdwqyE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
845761743f606fe8-CDG
expires
Sat, 16 Nov 2024 04:02:20 GMT
ieVl2ZhbGCW-JoW6S34pSDpqYKU019K7DQ.woff2
fonts.gstatic.com/s/ptserifcaption/v17/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserifcaption/v17/ieVl2ZhbGCW-JoW6S34pSDpqYKU019K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
649548b779f30cb63e141770df9c1fd2aec5de08cdea49c4c9f8d8a5180a4ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:48:02 GMT
x-content-type-options
nosniff
age
468172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39676
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 06:48:02 GMT
QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4a0Ew.woff2
fonts.gstatic.com/s/outfit/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/outfit/v11/QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4a0Ew.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5897a8849de15a2ad907e8774d83685f49fd94cb15d986aa6333b9bb74dd106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 03:08:27 GMT
x-content-type-options
nosniff
age
481347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14084
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:40:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 03:08:27 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 04:46:03 GMT
x-content-type-options
nosniff
age
475491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 04:46:03 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:21:52 GMT
x-content-type-options
nosniff
age
188942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29588
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 12:21:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
516171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 17:28:03 GMT
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:01:41 GMT
x-content-type-options
nosniff
age
182953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 14:01:41 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 11:46:45 GMT
x-content-type-options
nosniff
age
191049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 11:46:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:10:29 GMT
x-content-type-options
nosniff
age
200425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 09:10:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:24:40 GMT
x-content-type-options
nosniff
age
138374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 02:24:40 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 21:16:49 GMT
x-content-type-options
nosniff
age
502445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 21:16:49 GMT
ieVl2ZhbGCW-JoW6S34pSDpqYKU019y7DRs5.woff2
fonts.gstatic.com/s/ptserifcaption/v17/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserifcaption/v17/ieVl2ZhbGCW-JoW6S34pSDpqYKU019y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86dd9db9351238b225bf1ed74e5c25c6bc013460366dd41775ac2dbf62cd2300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 13:05:28 GMT
x-content-type-options
nosniff
age
99926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 13:05:28 GMT
QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4i0ExAo.woff2
fonts.gstatic.com/s/outfit/v11/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/outfit/v11/QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4i0ExAo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04647840b1b815ef28f377da140c4bc45821a5772d1d4e32a2baf3b754c6574b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:08:16 GMT
x-content-type-options
nosniff
age
146558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6188
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 00:08:16 GMT
iJWKBXyIfDnIV7nPrXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nPrXyi0A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4bbc2bf47fda8157880cd1b33f76c49d8af6825c3dbc15df63e625d8b35df65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:45:32 GMT
x-content-type-options
nosniff
age
486322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18928
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 01:45:32 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:14:38 GMT
x-content-type-options
nosniff
age
491776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:14:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:10:28 GMT
x-content-type-options
nosniff
age
297626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:10:28 GMT
EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9d1c1b33a4f2c317f1519d34ff980b8fcc49330f368ca44e7e5f7974db772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:06:50 GMT
x-content-type-options
nosniff
age
179044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19332
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:06:50 GMT
nKKZ-Go6G5tXcrabGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcrabGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27dc380caf238d7c417fac471ec5902c8cf73e9dccfddcd489e8cd5df0d8a948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:31:20 GMT
x-content-type-options
nosniff
age
181174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19756
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 14:31:20 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:54:46 GMT
x-content-type-options
nosniff
age
460568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:54:46 GMT
QGYsz_wNahGAdqQ43Rh_cqDpp_k.woff2
fonts.gstatic.com/s/worksans/v19/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_cqDpp_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif+Caption%3A400%7COutfit%3A400%7CKanit%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif+Caption%3A700%2C400%7CPT+Serif%3A700%2C400%7CWork+Sans%3A500%2C600%2C400%2C700&display=swap&ver=12.6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01be3b09ff08b902fbf43a706aca14b09af89436ce97bd20e82d2ba7d1a6a64b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.desteptarea.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 18:18:15 GMT
x-content-type-options
nosniff
age
167559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 18:18:15 GMT
/
ui.cleverwebserver.com/ 		159 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236eec7cd541709e54ad85c475d501927cec27afa6783fcef3154b476661cb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
845761751ba12c37-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
t.php
c.statcounter.com/ 		192 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12932177&u1=07AD7C9EE5904FAC36AB9CEBA1C4DC75&java=1&security=25de08b3&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.desteptarea.ro/&t=Desteptarea%20-%20De%C8%99teptarea%20Bac%C4%83u%20-%20Liderul%20presei%20b%C4%83c%C4%83uane!&invisible=1&sc_rum_e_s=723&sc_rum_e_e=738&sc_rum_f_s=0&sc_rum_f_e=414&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.desteptarea.ro
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
845761763ef72c73-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=82660348&post=393290&tz=2&srv=www.desteptarea.ro&j=1%3A13.0&host=www.desteptarea.ro&ref=&fcp=380&rand=0.713137554061352
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 Jan 2024 16:50:55 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
www.desteptarea.ro/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 07:21:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3365348
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMxpL0UVfBujcFC6CKpSZ3XmozIH3hYC0TEtdNfodCeKSjClwrKdWxftv3G3Zd27bRN%2BUhMkE%2Fkol2CCuvdnOujS1dUMgUvb6l79pjysJHd5wk3QtOwajflgfX%2Bf4xF4Oi8Ek%2FIEsn28q76OSj5PuoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
cf-ray
845761763bd16fe8-CDG
alt-svc
h3=":443"; ma=86400
expires
Fri, 06 Dec 2024 00:01:47 GMT
widescreen.html
lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame FF6D
Redirect Chain
  • https://sender.cleverwebserver.com/group/51407?id=773743&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&ruri=&r=875317643&tok=33419711310201791433&t=1705251054&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=...
  • https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2Jm...
2 KB
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63b548949cffad3c71f1a181c65dc95192cbb262411ce58d638578045ee1e8e

Request headers

Referer
https://www.desteptarea.ro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=28800
cf-cache-status
MISS
cf-ray
84576177df122c37-FRA
content-encoding
br
content-type
text/html
date
Sun, 14 Jan 2024 16:50:55 GMT
expires
Mon, 15 Jan 2024 00:50:55 GMT
last-modified
Fri, 12 Jan 2024 18:25:13 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
ed+YwlAwqPDWSXeYJ+2t1Kuee5+B25FqIC1yGIPTp8d2fiChYpSKWNs+U/MLlmvhQuOFABkgjx8=
x-amz-request-id
50NMTWM8J6TV2F9G

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
845761765d3d2c37-FRA
content-type
text/html
date
Sun, 14 Jan 2024 16:50:55 GMT
location
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
server
cloudflare
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		655 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
main.js
www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 2AE9
Redirect Chain
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H3
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f51e0c5846ff61b0cf782f6f7e1bd398221e810ed37991af498ee46df4f2cd41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hKMknH8W%2FiFY%2BHXOCHuCwYQFpxwnoYSwDdY6rdBXrq9Y6aA0%2FhUi9guVuMVYUDA4pPM7nqF2RyKUlxL90z5RqnrYjvxctLIcGx0awQ9SlcjFl8PvH2kZaXwTQ%2Fmh8EDGnNL57LwIDvEhdAcq8jzjZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
845761769c7e6fe8-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 14 Jan 2024 16:50:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bao%2FRgZK3Pxs4%2Ba89dZV7s%2B8xr3I%2B%2B4FasU5eqmKjoBDzgGiEyy1W0zIvUm1IPewkyCTaQPbOn2XGFQPr9dUB1RoDCOw91Nzc5q97hVO2NIxnpY8uCS0QMqJAEmJPzSbOG%2BgSFpWk2yrZP7q3vtg%2FO0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control
max-age=300, public
cf-ray
845761765c006fe8-CDG
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1VRQ4MQEN&gtm=45je41a0v893660232&_p=1705251055033&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2010538770.1705251055&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705251055&sct=1&seg=0&dl=https%3A%2F%2Fwww.desteptarea.ro%2F&dt=Desteptarea%20-%20De%C8%99teptarea%20Bac%C4%83u%20-%20Liderul%20presei%20b%C4%83c%C4%83uane!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=777
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X1VRQ4MQEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.desteptarea.ro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
call.cleverwebserver.com/ 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=51407&c=DE&r=HE&l=57&b=Chrome&os=Win10&mob=0&v=1.60.6&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
845761767d6c2c37-FRA
content-length
43
content-type
image/gif
27a1.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		242 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/27a1.svg
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
8ab75b37e150efe65cdfd300029b88de8355d72c7bbb5d2055f902aeaec3c14d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:59 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
242
expires
Thu, 31 Dec 2037 23:55:55 GMT
845761720e8b3612
www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2AE9 		0
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.desteptarea.ro/cdn-cgi/challenge-platform/h/b/jsd/r/845761720e8b3612
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbKE0KqhtXJPdAQA13aHF5%2BiZ3jdzYO9jtzcgHWYyWMU73GywvNZAooK%2BrGLg2eSOyAZGhynObms2%2FzpxSV8Fhq%2BrR%2BZ9WDBa8QId2z5dgp53jFpswh7unnP3TQce8SHAZM2%2BfXqWi954Jo8cq108J0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
845761772dce6fe8-CDG
alt-svc
h3=":443"; ma=86400
bg-1490x300.webp
lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame FF6D 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Dec 2023 15:38:45 GMT
server
cloudflare
x-amz-request-id
ZDV5NND35FJDYKBA
age
21410
etag
"36d580ed1582db1c3722787924fc00d3"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=28800
accept-ranges
bytes
cf-ray
8457617868052c37-FRA
content-length
41072
x-amz-id-2
nGrtPFcz36gJXuPtZ+GmMLqA42i3/hd1NQeYmXjTqDom/2xw41i2iuQyFmhKvaLje+2N5hF0Ayo=
expires
Mon, 15 Jan 2024 00:50:55 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame FF6D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Dec 2023 10:36:07 GMT
server
cloudflare
etag
W/"658bfe17-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8457617868082c37-FRA
expires
Tue, 16 Jan 2024 16:50:55 GMT
clever-core-other.js
lp.cleverwebserver.com/ Frame FF6D 		1 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/clever-core-other.js?v=33
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=773743&group=51407&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNmJfMjkzMWNfJmFmZmlkPTQzMSZzaXRlaWQ9ODI2JmFkaWQ9MjkzMSZjPUpTQUJNVlBBSUlEQUFERQ%3D%3D&ref=aHR0cHM6Ly93d3cuZGVzdGVwdGFyZWEucm8v&r=875317643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
QPS7D0FXX5SHQPEJ
age
21867
cf-polished
origSize=1799
x-amz-id-2
OtYH+U4xslFaWEzGwlYsHdphAaDDIPQzJv1T4ZqbxgnafaKgYL0eoku1kf6A1J38kP0KgGW4qM8=
cf-bgj
minify
last-modified
Mon, 18 Dec 2023 15:38:56 GMT
server
cloudflare
etag
W/"e5be82211892c5a612ab8274562f1ef2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=28800
cf-ray
84576178881b2c37-FRA
expires
Mon, 15 Jan 2024 00:50:55 GMT
polonia.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/polonia.jpg?resize=696%2C368&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1fdd7a144b36adb6e59813e4e94ece504a3d5fef595cb2a9fb20320d06d2a098
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
21514
x-nc
HIT ams 1
last-modified
Sat, 13 Jan 2024 16:18:02 GMT
server
nginx
etag
"b257c825b74b42b4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/polonia.jpg>; rel="canonical"
expires
Tue, 13 Jan 2026 04:18:02 GMT
index.html
promos.betano.de/willkommenspaket/ Frame 4C8F
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE
  • https://gml-grp.com/C.ashx?btag=a_826b_2931c_&affid=431&siteid=826&adid=2931&c=JSABMVPAIIDAADE&AutoR=1
  • https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2335c011fe40c9fb1e8311bd5273f70a1fa66b355fff479bf44edf71790c0c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
89389
cache-control
public, max-age=900, immutable
cf-cache-status
DYNAMIC
cf-ray
8457617a4d5771b3-FRA
content-encoding
gzip
content-md5
uFN4f36vMGzzhOrcv8TbsA==
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 16:50:55 GMT
last-modified
Wed, 22 Nov 2023 09:55:40 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
bc5fc358-801e-006d-7539-46a649000000
x-ms-version
2014-02-14

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
84576179be745d4a-FRA
content-type
text/html; charset=utf-8
date
Sun, 14 Jan 2024 16:50:55 GMT
location
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3Tq%2FmxeGNCMt4X5WFvLPFUFBBlyFnvXcgiaXSC5u8uaa2wEBZtD%2FAR%2FFc4Z2Ar1QVLypYir%2B0YqfRNAF44seUsHXHSgkteDz5%2BgGgxQLgagG18J8Zozmmu6euQabFkoeKir3g6XLG%2F1yA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
jedk.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/jedk.jpg?resize=696%2C390&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5f78c29436555778230f47920e027b3a98f278553684bc202ac9391aa89e2e1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
24994
x-nc
HIT ams 6
last-modified
Sat, 13 Jan 2024 10:57:17 GMT
server
nginx
etag
"7997ddb068a65a4c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/jedk.jpg>; rel="canonical"
expires
Mon, 12 Jan 2026 22:57:17 GMT
Femke-Halsema.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/Femke-Halsema.jpg?resize=696%2C464&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
077d9072438a487dbe881fb0fde1aff2988eb4dd4c871b23798f6e00c10aa40f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
28050
x-nc
HIT ams 5
last-modified
Wed, 10 Jan 2024 11:18:17 GMT
server
nginx
etag
"b2b6b60f6a6be65e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/Femke-Halsema.jpg>; rel="canonical"
expires
Fri, 09 Jan 2026 23:18:17 GMT
recunoastere-faciala.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/recunoastere-faciala.jpg?resize=696%2C462&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
53c32eb33e4be5025011c95a9cd8e7f7d06a11b6234e0150d2e264350b53f3e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
18100
x-nc
HIT ams 4
last-modified
Wed, 10 Jan 2024 11:15:51 GMT
server
nginx
etag
"29023133efe61b83"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/recunoastere-faciala.jpg>; rel="canonical"
expires
Fri, 09 Jan 2026 23:15:51 GMT
salvamont-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/salvamont-1.jpg?resize=696%2C522&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3743f50c5cc9555c86c456716c1ada09dacbe2dbc8fc2c3b4c72f0bd84c2f7fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
67708
x-nc
HIT ams 2
last-modified
Sun, 14 Jan 2024 11:49:44 GMT
server
nginx
etag
"fa8de132a1bfea59"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/salvamont-1.jpg>; rel="canonical"
expires
Tue, 13 Jan 2026 23:49:44 GMT
bibire.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg?resize=150%2C132&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fb58b28c310526256da6d2e7a1c921ca7307c442db07e3e1dabb9a0096819378
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
2184
x-nc
HIT ams 3
last-modified
Wed, 01 Nov 2023 18:23:46 GMT
server
nginx
etag
"64c8a5f9b2cc5371"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg>; rel="canonical"
expires
Sat, 01 Nov 2025 06:23:46 GMT
pag1-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg?resize=662%2C928&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
f14482819130cf9f52bd7f0b79b9d80112c36ee6cf840dc9440586e68ed5ae84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
82212
x-nc
HIT ams 5
last-modified
Thu, 11 Jan 2024 05:02:54 GMT
server
nginx
etag
"5494ed642ba36e15"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg>; rel="canonical"
expires
Sat, 10 Jan 2026 17:02:54 GMT
bibire.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg?resize=150%2C132&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fb58b28c310526256da6d2e7a1c921ca7307c442db07e3e1dabb9a0096819378
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
2184
x-nc
HIT ams 3
last-modified
Wed, 01 Nov 2023 18:23:46 GMT
server
nginx
etag
"64c8a5f9b2cc5371"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2023/11/bibire.jpg>; rel="canonical"
expires
Sat, 01 Nov 2025 06:23:46 GMT
pag1-1.jpg
i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg?resize=662%2C928&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
f14482819130cf9f52bd7f0b79b9d80112c36ee6cf840dc9440586e68ed5ae84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.desteptarea.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
82212
x-nc
HIT ams 5
last-modified
Thu, 11 Jan 2024 05:02:54 GMT
server
nginx
etag
"5494ed642ba36e15"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.desteptarea.ro/wp-content/uploads/2024/01/pag1-1.jpg>; rel="canonical"
expires
Sat, 10 Jan 2026 17:02:54 GMT
r4JQVZETZTeQtnzawJh5s2Wbw6I.js
promos.betano.de/cdn-cgi/apps/head/ Frame 4C8F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-version-id
3sraLaHyO3PY1q7UPyU188EJJRO793MA
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KPTPX5XQ6GXTRY3Y
age
378
content-length
1344
x-amz-id-2
vA7uHczh0DDCVKOJ3j/sR45GeAps4rKzKrfp9+FUwMLs9mJ6BCLOfgQYBs1xrWdlNxDK+kXrsMA=
last-modified
Thu, 21 Dec 2023 12:52:13 GMT
server
cloudflare
etag
"30cf280ac36d10da9b831b91729cc23c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8457617aee2271b3-FRA
expires
Mon, 13 Jan 2025 16:50:55 GMT
jquery-3.4.1.min.js
code.jquery.com/ Frame 4C8F 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
568138
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-fra-eddf8230075-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705251056.859023,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 240873
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 4C8F 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5846625
x-jsd-version
1.8.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230126-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvaG5NqTmqnnLhQLY902Wi1tf6raE9RcFVJpn%2Bgtso10o7Kbv8dKVrcJdLmy9M3dy1x1cwIP3UuuNPcnsthujXb46SpvoPV5Y0E5yv%2Bx1aWOhC%2BCDanmdyb7R2DLmUap%2BmeRjGJn5tRhvHE5Q8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8457617b0bbb9153-FRA
Init.js
promos.betano.de/willkommenspaket/ Frame 4C8F 		2 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/Init.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
504
content-md5
MU2fLrkr53Ix09vSPFEwZA==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
W/"0x8DBEB412FE1A984"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ec2750b2-d01e-0060-0a2e-1d6e9d000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
cf-ray
8457617aee2371b3-FRA
expires
Sun, 14 Jan 2024 17:05:55 GMT
Landing.js
promos.betano.de/willkommenspaket/ Frame 4C8F 		614 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/Landing.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
504
content-md5
IVOxqm2c5AfGSPYura3A9A==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
W/"0x8DBEB412FED1990"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
df4e81fb-c01e-0031-072e-1df311000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
cf-ray
8457617aee2471b3-FRA
expires
Sun, 14 Jan 2024 17:05:55 GMT
custom.js
promos.betano.de/ Frame 4C8F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/custom.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
425
content-md5
IACfhqsuxFK5etAGqh7MRA==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 20 Oct 2023 08:33:32 GMT
server
cloudflare
etag
W/"0x8DBD1473EA630C7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1c9adfe9-401e-0000-0b49-231202000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617aee2571b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
tagline.png
promos.betano.de/willkommenspaket/ Frame 4C8F 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/tagline.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2k9YU1t/lIEgNgYbwdE88A==
age
504
content-length
224661
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
"0x8DBEB412FFF665B"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d1e1c22a-b01e-0049-3485-2250e9000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617aee2671b3-FRA
expires
Sun, 14 Jan 2024 17:05:55 GMT
Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 4C8F 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/Rectangle.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3caf11880f6ea465dcfffcc6adc8200632c20dd30a5e30fe84597196ceeb83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
57
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
f00b8a5b-301e-0047-4309-477959000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617aee2771b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
bullet.svg
promos.betano.de/willkommenspaket/ Frame 4C8F 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/bullet.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e5e7aebc3c0c8af4f6205ae8a0d1a96311c00969e5b5d96daceea6636cc0e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
264
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
21b39638-701e-000b-2009-47e969000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617b2e7971b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
banner1.png
promos.betano.de/willkommenspaket/ Frame 4C8F 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/banner1.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1c8aa35a5d15461333b058449a2b01cd094eb58ac934bf627bfca8429a8e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
242
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
0e88ddd2-e01e-0019-4909-4792b9000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617b4e9271b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
banner2.png
promos.betano.de/willkommenspaket/ Frame 4C8F 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/banner2.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feffd85ccd6b15196bf3720d8a226aef1a0c3129ee7dbee72e3306dd268408c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
57
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
26d78176-301e-000a-2c09-47b6b5000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617b4e9771b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
banner3.png
promos.betano.de/willkommenspaket/ Frame 4C8F 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/banner3.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d249b432a449a222f93c72c058cbf5c97a881da7cc319a53270eeff6d8760e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
57
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
98ff99db-601e-0065-4309-47bc46000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617b4e9871b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
gtm.js
www.googletagmanager.com/ Frame 4C8F 		395 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7ad21e0b0ef1436fe86f4b9e75a56150e01dcd9320787da716de4ba15a7927b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117497
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 16:50:55 GMT
tags.js
dd.betano.de/ Frame 4C8F 		147 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.betano.de/tags.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-117.cdg50.r.cloudfront.net
Software
Apache /
Resource Hash
bb429185dfa559bff451e975045b1b55d4aae3e051da009a47c3510bff45a68d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 f732889a761ee496e041d15e73c58bd6.cloudfront.net (CloudFront)
date
Sun, 14 Jan 2024 16:28:52 GMT
x-amz-cf-pop
CDG50-P1
age
1356
x-cache
Hit from cloudfront
content-length
27705
last-modified
Tue, 09 Jan 2024 14:20:03 GMT
server
Apache
etag
"24ce6-60e8402ab1362-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
-1353z3-GAmG-QrUPkV8xPUiUIHbn45u_CG59KEGOjbNH9N3hze2wQ==
expires
Sun, 14 Jan 2024 17:28:19 GMT
Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 4C8F 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promos.betano.de/willkommenspaket/Rectangle.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3caf11880f6ea465dcfffcc6adc8200632c20dd30a5e30fe84597196ceeb83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
57
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
f00b8a5b-301e-0047-4309-477959000000
cache-control
public, max-age=300
x-ms-version
2014-02-14
cf-ray
8457617b4e9971b3-FRA
expires
Sun, 14 Jan 2024 16:55:55 GMT
ns.html
www.googletagmanager.com/ Frame AEE3 		691 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e854d96951c602f9d0b6fa3943ddb02d837b2af5f041f9a3d6c8e08802be3553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
322
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 16:50:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
main.js
promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 8E0F
Redirect Chain
  • https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d000d86b1a77e6005ebc9fb1a96f6a8cdbe065cc7b589cad0d433ecd6faa3fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8457617b6ecd71b3-FRA

Redirect headers

date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8457617b4ea771b3-FRA
css-betano.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		266 B
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-betano.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
VV0mNMQdoST1edPAjk1m6w==
age
28
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:08 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1339F5D"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bde81f05-701e-0024-4815-24e4a2000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617b8c0c4da4-FRA
css-theme.css
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		799 B
798 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/de-sport/css-theme.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
kJMidRkqsO72r6TQLkoSKQ==
age
1655
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
W/"0x8DC137B8FAAFCB7"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
129c81b2-d01e-005f-6a65-45a63e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617b8c0e4da4-FRA
css-betano_worldcup.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
k3d6Yiaa8bmwIFFDC1yKKQ==
age
28
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1452901"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3f0a9451-401e-0000-3985-221202000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617b8c0f4da4-FRA
css-iframe.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		2 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-iframe.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
39E7RXrp/bQVuYTQHPOHVg==
age
28
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:12 GMT
server
cloudflare
etag
W/"0x8DBA4A5D385763B"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
29c75b42-801e-000f-78e1-11646e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617b8c094da4-FRA
Theme.css
promos.betano.de/willkommenspaket/ Frame 4C8F 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/willkommenspaket/Theme.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
88
content-md5
iEQB/4Da+za49y9++eEi0A==
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 09:55:41 GMT
server
cloudflare
etag
W/"0x8DBEB412FC9DF39"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
19ceff76-901e-0003-332e-1df366000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
cf-ray
8457617b5eab71b3-FRA
expires
Sun, 14 Jan 2024 17:05:55 GMT
common.js
landingpages.kaizengaming.com/layout/ Frame 4C8F 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/common.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:55 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Tt1r+v6iV6U4snwCJhK1bQ==
age
28
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:08 GMT
server
cloudflare
etag
W/"0x8DBA4A5D12AEE0B"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
10822b42-101e-006f-70ba-2118f1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617b8c124da4-FRA
/
www.google.de/pagead/1p-conversion/763238947/ Frame AEE3
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=7xCkZdSyOuCTiM0P2du0wAg&rando...
  • https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx...
  • https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx3...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx3ZLQ2I&is_vtc=1&ocp_id=7xCkZdSyOuCTiM0P2du0wAg&cid=CAQSGwAvHhf_-5fWAlqiMtEkUh-RYwP3wZ1WvoI4kg&random=2724395461&ipr=y
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Protocol
H2
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.googletagmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=67096548&sscte=1&crd=&pscrd=IhMIlObFm6vdgwMV4AmiAx3ZLQ2I&is_vtc=1&ocp_id=7xCkZdSyOuCTiM0P2du0wAg&cid=CAQSGwAvHhf_-5fWAlqiMtEkUh-RYwP3wZ1WvoI4kg&random=2724395461&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CJmyx5ur3YMDFQhNHgIdxi8KqQ;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F
12738953.fls.doubleclick.net/ Frame 0E23
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F?
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CJmyx5ur3YMDFQhNHgIdxi8KqQ;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F?
0
0
8457617a4d5771b3
promos.betano.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8E0F 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promos.betano.de/cdn-cgi/challenge-platform/h/b/jsd/r/8457617a4d5771b3
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
8457617bef6471b3-FRA
content-type
text/plain; charset=UTF-8
slick.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		2 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/slick.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
WZ31BB/YyxPVIgu7I3iKsw==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:12 GMT
server
cloudflare
etag
W/"0x8DBA4A5D32ED756"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4278cefd-901e-0013-0d07-24360e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617bec984da4-FRA
slick-theme.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		3 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/slick-theme.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
UpLamLxcSvAJaktpLARRvQ==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:12 GMT
server
cloudflare
etag
W/"0x8DBA4A5D316E60C"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c3239d37-701e-0056-12b2-21e3ed000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617bec9d4da4-FRA
css-fonts.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		4 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-fonts.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pvSNyxtpXpV4jwDcVBs+8g==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1600014"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e7dc3228-501e-0023-624e-1488c1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617bec9f4da4-FRA
css-common.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		944 B
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-common.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
5eGR2sXfZgOapde0CV8YSg==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D14E9D7C"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
f62bc62d-d01e-005f-1650-23a63e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617beca14da4-FRA
css-landing.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-landing.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
JDqCfcVQtN58am64kAmqvg==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D168B161"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
400d0109-301e-000a-02ae-21b6b5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617beca44da4-FRA
css-desktop.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-desktop.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
AOVpmo2f/4Wn1SoTquvjVA==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D1574ECA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9f09804d-501e-001c-39f5-234062000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617beca64da4-FRA
css-tablet.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-tablet.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mr2IdhRK+4IeBy7KcyoBtQ==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D18E0E3F"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
81167245-301e-0035-4d07-247e16000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617beca74da4-FRA
css-mobile.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-mobile.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
y0J3Tr1dgXYbzTPMrvAM5Q==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D171FED7"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
25a7325f-b01e-0066-64d8-155d22000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617beca84da4-FRA
css-betano_theme.css
landingpages.kaizengaming.com/layout/ Frame 4C8F 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/layout/css-betano_theme.css
Requested by
Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
D6htD+uya4gpW6XLW/HaDw==
age
14
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 24 Aug 2023 13:27:09 GMT
server
cloudflare
etag
W/"0x8DBA4A5D13C50A6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0b58af51-f01e-0048-55df-150f35000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617beca94da4-FRA
js
www.googletagmanager.com/gtag/ Frame 4C8F 		274 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f590d5e57d9a7c160e09537ec406afbe6520364ce83ed97368e955897236843b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92617
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 16:50:56 GMT
js
www.googletagmanager.com/gtag/ Frame 4C8F 		265 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17588eba848c6a8bf7154af57f0776bf6d8d7be4913f85f6b2015c7847ced1ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87811
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 16:50:56 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 4C8F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1705251056008&cv=11&fst=1705251056008&bg=ffffff&guid=ON&async=1&gtm=45He41a0v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Fwww.desteptarea.ro&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e6de0f928c23e32cb4d132e404cc6004bf2a78ee3a09404d6da26f79e7ebe78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1347
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 4C8F 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 15:48:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3763
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 14 Jan 2024 17:48:13 GMT
scevent.min.js
sc-static.net/ Frame 4C8F 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
17883
x-amz-cf-id
q46t6m73s2NH-9K0vvOtrK5-rRK1TSOI8QGDamU1p4MM5syulRrbXA==
activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
12738953.fls.doubleclick.net/ Frame 8679
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...
603 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
338965c4ea82cf3d591465ab8fae97245d9244b10f62f3f37d1e330f1ca14a11
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
370
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 16:50:56 GMT
expires
Sun, 14 Jan 2024 16:50:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 16:50:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
12738953.fls.doubleclick.net/ Frame 01F3
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...
603 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
c81e83a3fb438193920dabe9fca9c807eb0b71e73c9a2a2b341bd028264cc460
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
367
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 16:50:56 GMT
expires
Sun, 14 Jan 2024 16:50:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 16:50:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12738953.fls.doubleclick.net/activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame 4C8F 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx00000ecfa310e87705ee7-00646c8ee1-3295a825-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
fbevents.js
connect.facebook.net/en_US/ Frame 4C8F 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87bc7b08dce63ce08217b63c57d9705cd08dfa807b93a8e73f3c4364924ffb0c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 16:50:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58345
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
zB0T4ZVI9WmViiwTCLvzOeSPZ/xzmIkLUERdMM62/cqYzsF77hs988ans7uexY+vq+Uhd3zNSiad48pq1megew==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ Frame 4C8F 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 14 Jan 2024 16:50:55 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CC7BF55824E44D918FF8A02043AC2A6F Ref B: FRAEDGE1115 Ref C: 2024-01-14T16:50:56Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
mgsensor.js
a.mgid.com/ Frame 4C8F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1705251056026
Requested by
Host: www.desteptarea.ro
URL: https://www.desteptarea.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
d79fdce3-1372-459c-840f-133c169fc680
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8457617c889c9223-FRA
alt-svc
h3=":443"; ma=86400
iframe
visuals.kaizengaming.com/scripts/ Frame F796 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069498f9bd16b7e0fc000753568cb49b9a19de0ac229f918df5253cdee795e31

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
age
1203
cache-control
public, max-age=14400
cf-cache-status
DYNAMIC
cf-ray
8457617c9e5a1bdb-FRA
content-encoding
gzip
content-md5
pRIJ2/N21dbBjDWXiJP+cQ==
content-type
text/html
date
Sun, 14 Jan 2024 16:50:56 GMT
expires
Sun, 14 Jan 2024 20:50:56 GMT
last-modified
Wed, 29 Mar 2023 06:31:05 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
92527875-101e-0033-193e-158a78000000
x-ms-version
2011-08-18
index.html
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://landingpages.kaizengaming.com/de-sport/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff125c8bfacf4ccde718279c2d6c7ee2c4abbc56db996184ed94c2283bae8f92

Request headers

Accept
*/*
Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-md5
+EFUa5b1CzPUFAPmo7dXHA==
age
180970
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6790a48a-701e-0069-4064-452b4e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617c5b3b2c01-FRA
a1ed23ed-6f21-47f5-85e9-51ff9dccdcce
https://promos.betano.de/ Frame 4C8F 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://promos.betano.de/a1ed23ed-6f21-47f5-85e9-51ff9dccdcce
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
api-js.datadome.co/js/ Frame 4C8F 		230 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.datadome.co/js/
Requested by
Host: dd.betano.de
URL: https://dd.betano.de/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.187.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-187-60.eu-central-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
8671497b3f55b040f96a0f7a1ab27554b50922b051ea9f2ce1b9421719aa6365

Request headers

Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
230
expires
0
/
www.google.com/pagead/1p-user-list/763238947/ Frame 4C8F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/763238947/?random=1705251056008&cv=11&fst=1705248000000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_yozO9K1sbys6iwl_LHNHqJy-ir7v_g&random=3032329323&rmt_tld=0&ipr=y
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/763238947/ Frame 4C8F 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/763238947/?random=1705251056008&cv=11&fst=1705248000000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_yozO9K1sbys6iwl_LHNHqJy-ir7v_g&random=3032329323&rmt_tld=1&ipr=y
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
59013e41-1b63-4d8e-a887-ea6d3795d988.js
tr.snapchat.com/config/de/ Frame 4C8F 		177 B
446 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.8.0-2401042024
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
Origin
https://promos.betano.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://promos.betano.de
x-envoy-upstream-service-time
92
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
i
tr.snapchat.com/cm/ Frame 9E8F 		0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=b2baa976-c517-4ae3-b4ae-229b028b72b2&u_sclid=41df7d34-8fed-40dd-aff8-33d44224c879
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 14 Jan 2024 16:50:56 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
p
tr.snapchat.com/ Frame 4C8F 		68 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=f4e218b6-044b-4651-9479-c95a1badc8b8&u_sclid=41df7d34-8fed-40dd-aff8-33d44224c879&u_scsid=b2baa976-c517-4ae3-b4ae-229b028b72b2&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=343&m_ic=true&m_pi=338&m_pl=0&m_pv=2&m_rd=543&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=fcb15555-2999-496a-93e4-7865e263cd7d&ts=1705251056086&v=3.8.0-2401042024
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
linkid.js
www.google-analytics.com/plugins/ua/ Frame 4C8F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 14 Jan 2024 17:38:59 GMT
137000673.js
bat.bing.com/p/action/ Frame 4C8F 		0
115 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137000673.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 14 Jan 2024 16:50:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F78B41005B3445A182C79F659EA32501 Ref B: FRAEDGE1115 Ref C: 2024-01-14T16:50:56Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 4C8F 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=97384bd9-f649-42f5-9bed-0712d850b5dd&sid=1605e5d0b2fd11eeb6976df104695bd3&vid=1605fd90b2fd11eeaf06230dcfbdad90&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=344&evt=pageLoad&ifm=1&sv=1&rn=254082
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 14 Jan 2024 16:50:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 21339200365C4CCE8459EC93C1AAB5CA Ref B: FRAEDGE1115 Ref C: 2024-01-14T16:50:56Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
spn_Sporting_CP2_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
mwHkbVJHeMadNj4jxLZolA==
age
775
content-length
19119
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B90CC485F"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
884f3bf9-901e-0003-0365-45f366000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdb94da4-FRA
spn_Benfica_2021_8_13_15_24_29_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
oEUX3HqfuPUvYFG+QZJ9tQ==
age
775
content-length
28849
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90426BD5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f4b093dc-001e-0001-2e65-454dde000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdba4da4-FRA
spn_FC_Porto_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
jSdk+PY50XexolMJPt5Q0Q==
age
775
content-length
24710
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B9072C3A5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
32d10ec2-401e-0072-3365-45154d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdbc4da4-FRA
spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
JhbPFXjZywCGfmkqf6Kweg==
age
775
content-length
25859
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90B31EB5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
cc33cb9e-201e-0006-2f65-4521bd000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdbd4da4-FRA
spn_Logo_Panathinaikos-01-3%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
XMp6ffG72oNhRO1DDx+D8g==
age
775
content-length
19885
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90949E9D"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
64542772-301e-0047-7565-457959000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdbe4da4-FRA
spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
ZWskDbpA4tguY75DycNraw==
age
775
content-length
19873
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B90D37344"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
cf86fb7e-a01e-0037-6665-45c0ae000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc04da4-FRA
spn_apoel%20footer_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
bqT5Gi69cDmYsDYa4bEKsQ==
age
775
content-length
18469
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B902BB2CD"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2c4436d4-d01e-0060-7a65-456e9d000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc14da4-FRA
spn_apollon-logo-210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
GASNhmiazNjE2gYaQyS6Dg==
age
775
content-length
23572
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B903379E2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ec60733b-301e-0035-1065-457e16000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc34da4-FRA
spn_fcsb%20210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
SBVluZQtT7yiLEiEDAA5aQ==
age
775
content-length
22894
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B907B26E7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
bb777ebb-101e-0040-1565-45153a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc54da4-FRA
spn_Sparta.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
/0mt5FHZVIAjX94uZVR7dA==
age
775
content-length
5318
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B9131B23D"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6e939a2c-601e-005a-6065-4574e5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc64da4-FRA
spn_FC%20Viktoria%20Plzen.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
QZwghOjpQSeiH/VC0Pp+5g==
age
775
content-length
17257
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B906AFC94"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ea0b4b89-601e-0065-2465-45bc46000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc74da4-FRA
spn_PFC%20Locomotiv.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
n8zLW8cpLiU4kbUrGnwtDw==
age
775
content-length
17581
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B90BA70A6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
af182882-801e-0020-4c65-4569a5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdc94da4-FRA
spn_atleticologo_whiteoutline_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
exAxLiOKF1ZQ22Z4FzBs+g==
age
775
content-length
15119
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B903AF2E4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
08a96dc9-501e-0041-5265-454ae6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdca4da4-FRA
spn_logo_fluminense%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
3yDwl8syJHaDX8oSywlAEw==
age
775
content-length
23395
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:20 GMT
server
cloudflare
etag
"0x8DC137B908D4CA9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
48b2faf5-101e-006f-7465-4518f1000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdcb4da4-FRA
FBCMELGAR.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
laAoZTUUiqFTjoKqlD93JA==
age
775
content-length
31523
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B912187F6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d63da344-c01e-0021-4665-453679000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdcc4da4-FRA
KOMETA.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/KOMETA.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
X1Is2lD/8CCkI96L9PqC6Q==
age
775
content-length
6098
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B912A8758"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
438d5cb2-201e-005b-6365-452b39000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdcd4da4-FRA
logo_pce2.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/logo_pce2.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
Wdb5g3cD4eZh2Tm0CyXe6A==
age
775
content-length
8998
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B9139042C"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
e5cf7baa-b01e-0076-2765-45984a000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdce4da4-FRA
logo-betano.svg
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/logo-betano.svg
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
/8PMtJkMzUjtMFEegZIHcw==
age
775
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
W/"0x8DC137B902439D7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
32f9d649-601e-0075-6965-45792e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
cf-ray
8457617cfdd14da4-FRA
awd_egr-award-2022-operator-of-the-year.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
aXcrchTaRow4V+J4yNZSjQ==
age
775
content-length
4512
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B9103A407"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a596cf1b-701e-0046-2b65-452685000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdd24da4-FRA
awd_egr-award-2022-sports-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
eXjGNE64RFjnYc6aOBQYqw==
age
775
content-length
4692
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:21 GMT
server
cloudflare
etag
"0x8DC137B910E29D6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
884f3bc4-901e-0003-5265-45f366000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617cfdd34da4-FRA
awd_egr-award-2021-football-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
QL48N56WPpNnD2BJCbdfrQ==
age
775
content-length
6010
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
etag
"0x8DC137B8F8921C0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6e939a33-601e-005a-6665-4574e5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0dd54da4-FRA
awd_egr-award-2021-customer-services.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-customer-services.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
p3VebR5AVw3QzT/Awp05+w==
age
775
content-length
4583
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
etag
"0x8DC137B8F81F6D4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
e46e9154-b01e-003b-6365-4557a6000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0dd64da4-FRA
awd_egr-award-2019-mobile-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2019-mobile-operator.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
44fs+40EJE8j1DmLrNorsQ==
age
1677
content-length
6296
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:18 GMT
server
cloudflare
etag
"0x8DC137B8F7AA4E7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
21bbd979-001e-002e-5a65-454015000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0dd84da4-FRA
awd_sbc-awards.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/awd_sbc-awards.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
+S8h4H5YiK6h8Y4RwrAOJQ==
age
1677
content-length
6301
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FA13A20"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6e939a2a-601e-005a-5e65-4574e5000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0dd94da4-FRA
icon-ios.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-ios.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
j0GjjlDNvp6PdAbk4d+Rqg==
age
1677
content-length
5932
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FE69D7E"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
679885af-701e-0069-7365-452b4e000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0dda4da4-FRA
icon-android.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-android.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
Xcsdo6ehQR3VQfTMT595Zw==
age
1677
content-length
5944
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FCD4CE5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
17cd5966-f01e-0077-7e65-45c796000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0ddb4da4-FRA
icon-instagram.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-instagram.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
AUubypnMN2JeRlPkf9zpnQ==
age
1677
content-length
2235
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FDED674"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b74f42bc-801e-0030-0465-45accd000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0ddc4da4-FRA
icon-facebook.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-facebook.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
DmyyMSlBYTT52o9Zn45TeA==
age
1654
content-length
1446
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FD513DD"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
aa4ce7ad-201e-0029-7065-452c76000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0ddd4da4-FRA
icon-youtube.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-youtube.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
Io37aBC4ERo7T8rJ2LvIeQ==
age
1654
content-length
1674
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FFC9351"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
032dea1b-101e-001d-0e65-451fbe000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0de04da4-FRA
icon-linkedin.png
landingpages.kaizengaming.com/de-sport/ Frame 4C8F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
HIT
content-md5
T9Bl2/9ajIjSJ/Oj1zQkFw==
age
1654
content-length
1615
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jan 2024 14:34:19 GMT
server
cloudflare
etag
"0x8DC137B8FEE6492"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ae672915-f01e-0067-0565-4502fe000000
cache-control
public, max-age=900, immutable
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8457617d0de34da4-FRA
dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame 8679 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Requested by
Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPiNy5ur3YMDFQQrGQodtFQKOg;src=12738953;type=despo0;cat=despo0;ord=5865753298952;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12738953.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame 01F3 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826
Requested by
Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CK6py5ur3YMDFehhHgId25cNZQ;src=12738953;type=deaff0;cat=deaff0;ord=5124046279350;gtm=45He41a0v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12738953.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
234568464078651
connect.facebook.net/signals/config/ Frame 4C8F 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/234568464078651?v=next&r=canary&domain=lp.cleverwebserver.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9d3978244fe6c0e3061c3ada11ae4832c0f38b031ca6b86324cdbd82ec79de0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 16:50:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
YzWlOK2LbotUgVjgnJGw2A95YrLS+K2X0Whzx3btba7CVwKky5E31LW7b247FzN90bLjiX/nacfcA+fIAPCSpQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
64ee070c262380ef28e936b2
visuals.kaizengaming.com/a/ Frame F796 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
8457617d6f811bdb-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
main.js
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 8C3E
Redirect Chain
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda24aae3dfe5893dcf109335d20c85d5774ad06dfcd7a27abdb31e63d8d1c1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8457617dbfe11bdb-FRA

Redirect headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8457617d7f881bdb-FRA
/
track.adform.net/Serving/TrackPoint/ Frame 4C8F
Redirect Chain
  • https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.d...
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betan...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos....
121 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
194
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=332216015742&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
track.adform.net/Serving/TrackPoint/ Frame 4C8F
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=15082624390&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Fi...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=15082624390&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspake...
125 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=15082624390&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
196
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=15082624390&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
document.000000CF16561F.js
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame F796 		177 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
rIrlDQ43Y2HScKgRpGejWA==
age
554
x-ms-lease-status
unlocked
last-modified
Thu, 16 Nov 2023 15:35:17 GMT
server
cloudflare
etag
W/"0x8DBE6B9A2912048"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
07305a62-b01e-0067-76a2-18c52f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2011-08-18
cf-ray
8457617dc8161bdb-FRA
expires
Mon, 13 Jan 2025 16:41:42 GMT
animated-creative.381532d5d5de3962867f.js
visuals.kaizengaming.com/scripts/ Frame F796 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
7/+J+TpFL/6K7/yG6MNwEg==
age
554
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 09:16:12 GMT
server
cloudflare
etag
W/"0x8DBE4F258FA183A"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c8e316ac-901e-0070-531f-246c24000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2011-08-18
cf-ray
8457617dd8191bdb-FRA
expires
Mon, 13 Jan 2025 16:41:42 GMT
p
tr6.snapchat.com/ Frame 4C8F 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
8457617c9e5a1bdb
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8C3E 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/jsd/r/8457617c9e5a1bdb
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
server
cloudflare
cf-ray
8457617e38b51bdb-FRA
content-type
text/plain; charset=UTF-8
1x1.gif
a.mgid.com/ Frame 4C8F 		43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1705251056348
Requested by
Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_826b_2931c_JSABMVPAIIDAADE&utm_medium=431&utm_source=2&siteid=826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8457617e3a019223-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
truncated
/ Frame F796 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/webp
b5bcb02e-cc69-4eb6-b406-f3162ebf97f6
https://visuals.kaizengaming.com/ Frame CEAE 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://visuals.kaizengaming.com/b5bcb02e-cc69-4eb6-b406-f3162ebf97f6
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
visuals.kaizengaming.com/fs/api/v2/ Frame F796 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf116baf3fcd40c6ab67e94287c217b908b9981e115e91b94978421a3c96661

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:36 GMT
server
cloudflare
age
2790860
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff
cf-ray
8457617f19b11bdb-FRA
expires
Mon, 13 Jan 2025 16:50:56 GMT
p
tr.snapchat.com/ Frame 4C8F 		0
91 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://promos.betano.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://promos.betano.de
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
font
visuals.kaizengaming.com/fs/api/v2/ Frame F796 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da6b68a58bcab9b5928226af272fbffa94e3a29e4331c2107c12d8ce9a144b9

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:39 GMT
server
cloudflare
age
2790857
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff
cf-ray
8457617f7a141bdb-FRA
expires
Mon, 13 Jan 2025 16:50:56 GMT
font
visuals.kaizengaming.com/fs/api/v2/ Frame F796 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f959ba158ab024756a2fb11f11f7680447794fcf718b113add922cbee27e2d

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:40 GMT
server
cloudflare
age
2790856
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff
cf-ray
8457617fda9f1bdb-FRA
expires
Mon, 13 Jan 2025 16:50:56 GMT
font
visuals.kaizengaming.com/fs/api/v2/ Frame F796 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79786f96c758a7566ccb2e1a439b9410de0a13d303a068c02874912eaff377e0

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin
https://visuals.kaizengaming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 09:36:43 GMT
server
cloudflare
age
2790853
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-disposition
attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff
cf-ray
845761802b1c1bdb-FRA
expires
Mon, 13 Jan 2025 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		334 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:04 GMT
api-supported-versions
2.0
server
cloudflare
age
58492
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817ce51bdb-FRA
content-length
341852
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 04:19:17 GMT
api-supported-versions
2.0
server
cloudflare
age
45099
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817ce71bdb-FRA
content-length
56928
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:04 GMT
api-supported-versions
2.0
server
cloudflare
age
58492
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817ce91bdb-FRA
content-length
30628
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:04 GMT
api-supported-versions
2.0
server
cloudflare
age
58492
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817ceb1bdb-FRA
content-length
13040
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:03 GMT
api-supported-versions
2.0
server
cloudflare
age
58493
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cee1bdb-FRA
content-length
11302
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 03:35:53 GMT
api-supported-versions
2.0
server
cloudflare
age
47703
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cf21bdb-FRA
content-length
6620
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:04 GMT
api-supported-versions
2.0
server
cloudflare
age
58492
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cf51bdb-FRA
content-length
16182
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:04 GMT
api-supported-versions
2.0
server
cloudflare
age
58492
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cf61bdb-FRA
content-length
29032
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 00:36:04 GMT
api-supported-versions
2.0
server
cloudflare
age
58492
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cf91bdb-FRA
content-length
176540
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 04:19:17 GMT
api-supported-versions
2.0
server
cloudflare
age
45099
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cfa1bdb-FRA
content-length
6958
expires
Mon, 15 Jan 2024 16:50:56 GMT
optimize
visuals.kaizengaming.com/io/api/image/ Frame A11B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date
Sun, 14 Jan 2024 16:50:56 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Jan 2024 04:19:17 GMT
api-supported-versions
2.0
server
cloudflare
age
45099
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
845761817cfc1bdb-FRA
content-length
7696
expires
Mon, 15 Jan 2024 16:50:56 GMT
a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		462 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
db1RviXCYsfCGJyPhdZBgQ==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB98082775296F"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8724faa4-e01e-0027-74a7-12c217000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817cff1bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
e97b0b38-2076-4e93-b438-b20020972f61.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		712 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Wj2Rm4rI4ts1bvK6/OwKuA==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808278220AD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d3d20501-301e-0069-5513-24ec9f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d001bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		716 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
wOI1kvcZ2lxVvarwrZkpVw==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB980827807321"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ea1a2699-e01e-0008-01fe-15cfdc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d031bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		699 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
6T5iHY4kR/cqRXlJfcIgeg==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB980827A0A29B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1d1f2183-401e-002e-2ab0-2187c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d051bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
50881c1d-287e-498a-abef-0967eee64053.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		705 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
OGNNML/bbmYzG3WVI4K2vw==
age
1265
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB98082797A2B0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
40852256-301e-00a2-12c5-0bd73f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d071bdb-FRA
expires
Sun, 14 Jan 2024 20:29:51 GMT
68caeb64-8770-4732-8cdc-b287d26e232f.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		711 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
H8vQZgECIVhMUK6iBn/x3A==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808278D9165"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c95bfdd5-b01e-0067-22ce-15c52f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d091bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		713 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
PGPRbIvWC6EgP2XMl5G9Xw==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808279A137F"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0f3a9cde-001e-0000-422e-23d5d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d0c1bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		701 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
kbsYe45EOgyN0lklvpvsrA==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB9808279B4BE1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3c0391d4-301e-009d-3398-0c1f9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d0e1bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
4d170477-b2d8-4716-ba89-5383a384fb5e.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		701 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
CP5dckuzFGRJ6dKK7x8ltA==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 12:08:19 GMT
server
cloudflare
etag
W/"0x8DB980827905047"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cc26351e-f01e-0066-421f-249af3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d101bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
dIIZsAgREGCk+L7z+CtKvA==
age
657
x-ms-lease-status
unlocked
last-modified
Thu, 10 Aug 2023 10:33:34 GMT
server
cloudflare
etag
W/"0x8DB998D3FC6613A"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cc269f66-f01e-0066-211f-249af3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d141bdb-FRA
expires
Sun, 14 Jan 2024 20:39:59 GMT
7d019101-6c40-47bf-b456-9289e9bf3d69.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		454 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Fe9zUTUCieFRBF6mOTWgjw==
age
1171
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 09:01:14 GMT
server
cloudflare
etag
W/"0x8DB97EE04CD7BF6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
54e25cf9-f01e-0049-18cd-219738000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d161bdb-FRA
expires
Sun, 14 Jan 2024 20:31:25 GMT
f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame A11B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Jan 2024 16:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
52m6i3E5yoDqe8bIckaoJg==
age
657
x-ms-lease-status
unlocked
last-modified
Tue, 08 Aug 2023 09:01:14 GMT
server
cloudflare
etag
W/"0x8DB97EE04CF5095"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
efa0db72-501e-000d-430a-151d07000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2011-08-18
cf-ray
845761817d171bdb-FRA
expires
Sun, 14 Jan 2024 20:39:59 GMT
/
www.facebook.com/tr/ Frame 4C8F 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1705251056870&sw=1600&sh=1200&v=next&r=canary&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1705251056197&coo=false&cdl=&uppt=0&uvpt=0.10000038146972656&ttf=1180.2999992370605&bdt=94&bdsize=223845&btsize=58345&brbs=0&cdt=327.80000019073486&cdsize=138747&ctsize=35682&crbs=0&let=8.699999809265137&upcl=0&upurlcl=4&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promos.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 14 Jan 2024 16:50:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
visuals.kaizengaming.com/tr/v2/pixel/ Frame F796 		0
96 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://visuals.kaizengaming.com/tr/v2/pixel/
Requested by
Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Jan 2024 16:50:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
845761820dce1bdb-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
12738953.fls.doubleclick.net
URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=CJmyx5ur3YMDFQhNHgIdxi8KqQ;src=12738953;type=despo0;cat=despo0;ord=504896683;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| CloudflareApps undefined| $ function| jQuery object| _wpemojiSettings object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_captcha string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdMobileMenu string| tdMobileSearch object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_ad_background_click_link string| td_ad_background_click_target object| block_tdi_98 object| block_tdi_120 object| block_tdi_123 object| block_tdi_131 object| block_tdi_143 object| block_tdi_165 object| block_tdi_178 object| block_tdi_179 object| block_tdi_184 object| block_tdi_239 object| block_tdi_240 object| block_tdi_241 object| block_tdi_242 object| block_tdi_243 object| block_tdi_244 object| block_tdi_248 object| block_tdi_251 object| block_tdi_252 object| block_tdi_257 object| block_tdi_258 object| block_tdi_259 object| block_tdi_260 object| block_tdi_263 object| block_tdi_266 object| click_object object| CleverCore boolean| CleverCoreLoaded object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_delete_site_cookie boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdBlocks object| td_history object| tdHeader object| tdCustomEvents object| tdEvents object| tdPullDown object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdConfirm function| onYouTubeIframeAPIReady string| tdModalImageLastEl object| tdSocialSharing function| tdModalImage object| addComment object| _stq undefined| eventHub object| tdcPostSettings function| tdbGetMobileTemplates number| sc_project number| sc_invisible string| sc_security function| gtag object| dataLayer object| tdLoadingBox object| tdbMenu object| tdbMenuItemPullDown object| tdAjaxSearch object| tdInfiniteLoader object| tdSmartSidebar object| td_res_context_registered_atts function| _statcounter object| google_tag_manager object| google_tag_data function| st_go function| linktracker_init object| wpcom object| gaGlobal object| twemoji object| wp

29 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: dc4e3509882e40c68a170453af779220
.desteptarea.ro/ Name: sc_is_visitor_unique
Value: rx12932177.1705251055.07AD7C9EE5904FAC36AB9CEBA1C4DC75.1.1.1.1.1.1.1.1.1
www.desteptarea.ro/ Name: clever-last-tracker-51407
Value: 1
www.desteptarea.ro/ Name: clever-counter-51407
Value: 0-1
.desteptarea.ro/ Name: _ga_X1VRQ4MQEN
Value: GS1.1.1705251055.1.0.1705251055.0.0.0
.desteptarea.ro/ Name: _ga
Value: GA1.1.2010538770.1705251055
.statcounter.com/ Name: is_unique
Value: sc12932177.1705251055.0
.statcounter.com/ Name: is_visitor_unique
Value: 1705251055120800179
.desteptarea.ro/ Name: cf_clearance
Value: T0VH7zcKDfUzfk8f9qkyF7kvpzTC3SE5APIG89nJxhY-1705251055-0-2-4e470ce2.55440b53.85d0e24c-0.2.1705251055
gml-grp.com/ Name: CEK
Value: a
.gml-grp.com/ Name: __cf_bm
Value: 5Hw1QfC0tBpaJMqa9_pOJ8Cmx7hTexVI5mtwxTJusi0-1705251055-1-AaKFtG11AQ8HYbvuNpLHsTtGYz792R0r0pfho+2u0KV0XvOgH28wq8KL0AX5CD6tpdRsMv+DZj5z+F/9jVcLqzM=
.gml-grp.com/ Name: _cfuvid
Value: .3pL2nVFM8Ay5GJrtz2p2qNh6GxcoN0qA5Dvd8IcvAA-1705251055626-0-604800000
gml-grp.com/ Name: XYZ
Value: 120&0&148&&&&0&1&&b31a40b5-22c5-427b-a7aa-4cc53426d488&&a_826b_2931&
gml-grp.com/ Name: A_2931
Value: a=2931&r=0&fv=0&lv=0&vc=0&fc=20240114&lc=20240114045055&cc=1
gml-grp.com/ Name: PM_11
Value: id=f6888eb9-2580-494d-8e42-0d09c7918ba6&c=JSABMVPAIIDAADE&s=826&ad=2931&md=0&pm=11&d=20240114165055&ip=0&r=0&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&RedirectParams=btag%3Da_826b_2931c_JSABMVPAIIDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D826&cip=MjAwMTphYzg6MjA6M2EwMDoxMDExOmEwNzA6MzY3YTpjMTIz
.betano.de/ Name: btag
Value: a_826b_2931c_JSABMVPAIIDAADE
.betano.de/ Name: __cf_bm
Value: vPHaw18hPFexmcfBnXTz2Lhz.RX.4QKIl6Oe3g_q_oM-1705251055-1-AaV9drmrMqT567toBZaNpT7d74fmViUyIPNJUdSbEIbsPf5yTZV4ntwg4hAg1W9CiOVHTJE04iVr+O8tJSvSvKA=
.betano.de/ Name: _cfuvid
Value: ZbYgzjrs3uA8ISqb.X.biVGz0_Nq718E8ZKBYmIi_KE-1705251055817-0-604800000
.kaizengaming.com/ Name: __cf_bm
Value: Rt5V9TEor3dzA0uQKO1aFRbrTl4sRBxNHDlzw1_Twc8-1705251055-1-AZAAUfxp2MkW5OSLusnBFlHQu5cKJtuFM6NN7WC3/oHOr1SWv3Wf1uGHRLUEyxi9Z40xcJAGwb5uexUBQKbE2mM=
.kaizengaming.com/ Name: _cfuvid
Value: z1qBZSAedUgCL9cdOW6kzNJkCo_XOUSQ_LFkl8fmTx0-1705251055953-0-604800000
.betano.de/ Name: cf_clearance
Value: Jb2uVsCVWBQU0c_QhfoBTla_2mqypf4rK.37SLMQ0gI-1705251056-0-2-4e470ce2.85d0e24c.19465302-0.2.1705251056
.doubleclick.net/ Name: IDE
Value: AHWqTUnrsX6cYbrZqlGDiEEFZl9vuzCt_2e9Q1LdjK7jc7GbOaM6k3c4Zq7TnzOw3cQ
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgREAEAwDwIl6lyJS61Cm6PD+4+wXnrQBwMbssu3nmjK1yNUUrHKBjQ7Owgc9vZUBMgAAAA==
.bing.com/ Name: MUID
Value: 2A5EFBA520B261261361EFA321D960A6
.mgid.com/ Name: __cf_bm
Value: dcp5cFq.SLCcNvwIZqwEtUK2AVXVdbbNP8y4cwNVNlo-1705251056-1-AWpGVIRdGwHWitDDzekCI/Jyiqw3wzQiKxgq4gv1N3jyp6Ky2fef6nAVeG1AtYymlTJx49FOzKd32wOGgb+5TBo=
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.kaizengaming.com/ Name: cf_clearance
Value: db4ARaVHQlm0PJFBW_uEhCLpeo5AxYECQ7jf2lZu0j0-1705251056-0-2-4e470ce2.85d0e24c.19465302-0.2.1705251056
.adform.net/ Name: uid
Value: 6541583757679954014

7 Console Messages

Source Level URL
Text
network error URL: https://promos.betano.de/willkommenspaket/Rectangle.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/bullet.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/banner3.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/Rectangle.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/banner2.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promos.betano.de/willkommenspaket/banner1.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/234568464078651?v=next&r=canary&domain=lp.cleverwebserver.com(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
a.mgid.com
adservice.google.com
api-js.datadome.co
bat.bing.com
c.statcounter.com
call.cleverwebserver.com
cdn.jsdelivr.net
code.jquery.com
connect.facebook.net
dd.betano.de
fonts.googleapis.com
fonts.gstatic.com
gml-grp.com
googleads.g.doubleclick.net
i0.wp.com
landingpages.kaizengaming.com
lp.cleverwebserver.com
pixel.wp.com
promos.betano.de
region1.google-analytics.com
s.w.org
s2.adform.net
sc-static.net
scripts.cleverwebserver.com
sender.cleverwebserver.com
stats.wp.com
tr.snapchat.com
tr6.snapchat.com
track.adform.net
ui.cleverwebserver.com
visuals.kaizengaming.com
www.desteptarea.ro
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.statcounter.com
12738953.fls.doubleclick.net
104.20.95.138
142.250.74.198
143.204.207.250
172.217.16.194
192.0.76.3
192.0.77.2
192.0.77.48
2001:4860:4802:32::36
2606:4700:1::6813:844c
2606:4700:3032::6815:40a7
2606:4700:3037::ac43:98f5
2606:4700:4400::6812:28b3
2606:4700:4400::6812:2a64
2606:4700:4400::ac40:934d
2606:4700:4400::ac40:9754
2606:4700::6810:5914
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
2a06:98c1:3121::3
3.127.187.60
35.190.43.134
37.157.2.247
37.157.6.232
52.84.174.117
01be3b09ff08b902fbf43a706aca14b09af89436ce97bd20e82d2ba7d1a6a64b
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984
04647840b1b815ef28f377da140c4bc45821a5772d1d4e32a2baf3b754c6574b
05bd571ea670c264efcd43b8c6377b499d34cf2fe10fe4202dfdb2a3890e7885
069498f9bd16b7e0fc000753568cb49b9a19de0ac229f918df5253cdee795e31
077d9072438a487dbe881fb0fde1aff2988eb4dd4c871b23798f6e00c10aa40f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cc4f867a343a82689f30c1224ab9afbdaebd5207e037fc77b99de31425cba91
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e
119976944646a79019ce03beff913584eb2f12e344b1e549c58a0da61fb1e6c7
15e5e7aebc3c0c8af4f6205ae8a0d1a96311c00969e5b5d96daceea6636cc0e9
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74
171b52327c92328999d34a6409855714238bcbf554c4367b08e72fb5c80ff5b8
17588eba848c6a8bf7154af57f0776bf6d8d7be4913f85f6b2015c7847ced1ec
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf
1a1c8aa35a5d15461333b058449a2b01cd094eb58ac934bf627bfca8429a8e5c
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f
1c0f19d05c31552677c3717dd15e46d2d42903c8ffaa00adeece91c45c19665f
1e3caf11880f6ea465dcfffcc6adc8200632c20dd30a5e30fe84597196ceeb83
1fdd7a144b36adb6e59813e4e94ece504a3d5fef595cb2a9fb20320d06d2a098
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86
2245285a8ccda188395559d75e32d8450f722c98cf130079efe9a404a16c7107
236eec7cd541709e54ad85c475d501927cec27afa6783fcef3154b476661cb86
27dc380caf238d7c417fac471ec5902c8cf73e9dccfddcd489e8cd5df0d8a948
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500
30afaa4f3695ec3d2b03c378dd7d3aa49aad4b9ca26ec08fd7f32822a32a8655
338965c4ea82cf3d591465ab8fae97245d9244b10f62f3f37d1e330f1ca14a11
345d30bfda363b5caab40c08fd96746739a9c5be673a0887cc4d16fc264132af
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de
3743f50c5cc9555c86c456716c1ada09dacbe2dbc8fc2c3b4c72f0bd84c2f7fb
38793abd47e804032b94c26bb34ed5ee269d88a71dafe447498536523146c8cf
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d000d86b1a77e6005ebc9fb1a96f6a8cdbe065cc7b589cad0d433ecd6faa3fb
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f
4834e9f1e9d73b8d2baf08fd6294f6cb4a360ad0cb7b91ea707dffa4866be240
48b4bce0dc726ddd349280159514b9ac13d37c849a04fba5b2e6c7fadef98aa2
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00
4c8e252ca4e5d2d5e9ed4b681995105f525e35bab43539d099d4eb50ba345902
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22
5203e80b3c2052f6e01718d37241ca1bcc261ac5dcdab29cfe7255c2e4a2b227
523762d6589fbd8cdf6ae37fedb69e5c53aa492691908a78531e6417b87d6873
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52af4a707c20f15281abce98cd9e58502a98a466ce2896e977afe34c2b6a2f32
53c32eb33e4be5025011c95a9cd8e7f7d06a11b6234e0150d2e264350b53f3e2
5820bab8388c31b58a24f1930839b761838e25f2fb62bf01defe79682df91434
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e6de0f928c23e32cb4d132e404cc6004bf2a78ee3a09404d6da26f79e7ebe78
5f78c29436555778230f47920e027b3a98f278553684bc202ac9391aa89e2e1c
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1
649548b779f30cb63e141770df9c1fd2aec5de08cdea49c4c9f8d8a5180a4ea6
67748f8cd5f52677bbeb04e15eadf694f50793e7b7f015607c5d1a78b2ccd2aa
6902c494f155dafcadfb24f795da7ccf627052547d66b35053ca3582a78ffb47
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
6da6b68a58bcab9b5928226af272fbffa94e3a29e4331c2107c12d8ce9a144b9
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
79786f96c758a7566ccb2e1a439b9410de0a13d303a068c02874912eaff377e0
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
83a9d1c1b33a4f2c317f1519d34ff980b8fcc49330f368ca44e7e5f7974db772
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc
83e2cad04c8ef32b86de276e74364c2476e9b1634ddb687ecdb9da3b5479db67
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625
8671497b3f55b040f96a0f7a1ab27554b50922b051ea9f2ce1b9421719aa6365
86dd9db9351238b225bf1ed74e5c25c6bc013460366dd41775ac2dbf62cd2300
87bc7b08dce63ce08217b63c57d9705cd08dfa807b93a8e73f3c4364924ffb0c
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3
8834768897bb19af020b5c6afbbf0f981c17f4c15c444925c5a70348347fcb20
890de6bda19513dfccb36d66c3551c4d3ff55f47ca9f65def1f8551c7c1543e5
89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3
8ab75b37e150efe65cdfd300029b88de8355d72c7bbb5d2055f902aeaec3c14d
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec
8bf116baf3fcd40c6ab67e94287c217b908b9981e115e91b94978421a3c96661
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335
91ac9b215d2e2d8b8330b9f3bf9f87aabad95656aadaec0796915794b566007d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97
9b62548e368be44df597b5ccb496b52a6ab34d146a13b1588c8650b0c325ab1f
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7
a6669d5e7c502e78f47641fdc65a7490656d7b0e567cf155e7f51df8d750c378
a91d91bb1ca4c7eb188fbf2d6529173468f3e12b75aabd4ef301710815901626
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125
ab43d4bb1bcdb0f183d0df005eb940e8dcfa4e6a1f3ec11d72bd51fa8eb5ac93
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad
afcc663536de33d814d9d34e095d967c24ce211d814f8957ff9ff313bea37693
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49
b11c68015534cd3b9cdab77a80b64731487de92658f9786cd907794ba48c09a0
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697
b1df83f5da497d02441ee7898515886d42aa8f18e0f9cf38e110d6b470f15763
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b
b63b548949cffad3c71f1a181c65dc95192cbb262411ce58d638578045ee1e8e
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03
b696652d817d82744bb5a64a9e78cd1e029b3364f0881e9d9ad1ce28fc7e6003
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7ad21e0b0ef1436fe86f4b9e75a56150e01dcd9320787da716de4ba15a7927b
b7f959ba158ab024756a2fb11f11f7680447794fcf718b113add922cbee27e2d
bb429185dfa559bff451e975045b1b55d4aae3e051da009a47c3510bff45a68d
bda24aae3dfe5893dcf109335d20c85d5774ad06dfcd7a27abdb31e63d8d1c1d
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf
c2335c011fe40c9fb1e8311bd5273f70a1fa66b355fff479bf44edf71790c0c3
c2430aad2b6a33948dc064cfaee8ad65ff9e3ca439834f3aaa84abec3d10dea8
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048
c81e83a3fb438193920dabe9fca9c807eb0b71e73c9a2a2b341bd028264cc460
c84c2b7321ad8eb40f83e070818c856e6ce0081e36bcb0c052cdc20ab9dfaaa4
c9d3978244fe6c0e3061c3ada11ae4832c0f38b031ca6b86324cdbd82ec79de0
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208
ca8ab1a0ac9c26942bdc4e0ecc6813dde09c8fcf4a026e646c9e298ac14df58f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d01bd8a88346497a1af35f635c4ce5a9b976b72d6400336bb7cb4bd283640a0e
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994
d29ae6e3e6f760d831dda3eab40c8a2199648e651b7f3583738ecf604c957834
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5897a8849de15a2ad907e8774d83685f49fd94cb15d986aa6333b9bb74dd106
e5d249b432a449a222f93c72c058cbf5c97a881da7cc319a53270eeff6d8760e
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
e854d96951c602f9d0b6fa3943ddb02d837b2af5f041f9a3d6c8e08802be3553
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f14482819130cf9f52bd7f0b79b9d80112c36ee6cf840dc9440586e68ed5ae84
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426
f1c62d99354195470e5b00ea8c9590bfc5810e78bf2e16fd72ae60785c19e0be
f39fb09590a254d659b848446fe21a9155c886420fd119cd42e140ff5e8c09c1
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4bbc2bf47fda8157880cd1b33f76c49d8af6825c3dbc15df63e625d8b35df65
f51e0c5846ff61b0cf782f6f7e1bd398221e810ed37991af498ee46df4f2cd41
f590d5e57d9a7c160e09537ec406afbe6520364ce83ed97368e955897236843b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850
fb58b28c310526256da6d2e7a1c921ca7307c442db07e3e1dabb9a0096819378
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0
feffd85ccd6b15196bf3720d8a226aef1a0c3129ee7dbee72e3306dd268408c3
ff125c8bfacf4ccde718279c2d6c7ee2c4abbc56db996184ed94c2283bae8f92