api.betonline.ag Open in urlscan Pro
104.17.65.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
Effective URL:
https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=http...
Submission: On July 01 via manual (July 1st 2023, 5:53:37 am UTC) from US — Scanned from DE

Summary HTTP 114 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 22 domains to perform 114 HTTP transactions. The main IP is 104.17.65.19, located in and belongs to CLOUDFLARENET, US. The main domain is api.betonline.ag. The Cisco Umbrella rank of the primary domain is 476214.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on January 12th 2023. Valid for: a year.

This is the only time api.betonline.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	104.17.65.19 104.17.65.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
4	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
14	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	52.17.107.167 52.17.107.167	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
2	95.217.77.229 95.217.77.229	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
1 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.186.194.58 35.186.194.58	() ()
3	178.249.97.99 178.249.97.99	() ()
7	178.249.97.98 178.249.97.98	() ()
2	178.249.96.10 178.249.96.10	() ()
2	178.249.96.141 178.249.96.141	() ()
114	27

16 104.17.65.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.betonline.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.betonline.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.241.2 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

gk2c59ma3x.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.107.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-107-167.eu-west-1.compute.amazonaws.com

src.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.77.229 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: data-api-new03.kameleoon.net

data.kameleoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.74 (United States)

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 1 redirects

ASN21859 (ZEN-ECN, US)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (None, )

ASN- ()

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.97.99 (None, )

ASN- ()

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.249.97.98 (None, )

ASN- ()

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.96.10 (None, )

ASN- ()

lo.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.96.141 (None, )

ASN- ()

lo0.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
16	betonline.ag 2 redirects www.betonline.ag — Cisco Umbrella Rank: 509907 api.betonline.ag — Cisco Umbrella Rank: 476214	1 MB
14	google.com www.google.com — Cisco Umbrella Rank: 10	167 KB
10	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	427 KB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3274 lo.idp.liveperson.net lo0.v.liveperson.net	132 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2232 rs.fullstory.com	73 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
4	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 1993	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	3 KB
2	xtremepush.com api.xtremepush.com — Cisco Umbrella Rank: 27831	1 KB
2	kameleoon.io data.kameleoon.io — Cisco Umbrella Rank: 17334	998 B
2	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5599	21 KB
2	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5149	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	170 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 535	33 KB
1	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3905	267 B
1	basis.net 1 redirects pixel-a.basis.net — Cisco Umbrella Rank: 24434	635 B
1	acuityplatform.com acuityplatform.com — Cisco Umbrella Rank: 1349	506 B
1	google.de www.google.de — Cisco Umbrella Rank: 4752	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	349 B
1	webpu.sh src.webpu.sh — Cisco Umbrella Rank: 176679	37 KB
1	kameleoon.eu gk2c59ma3x.kameleoon.eu — Cisco Umbrella Rank: 797938	46 KB
114	22

	Domain	Requested by
19	www.gstatic.com	www.google.com www.gstatic.com
14	fonts.gstatic.com	fonts.googleapis.com www.google.com
14	www.google.com	api.betonline.ag www.google.com
9	api.betonline.ag	1 redirects www.betonline.ag api.betonline.ag
7	lpcdn.lpsnmedia.net	api.betonline.ag
7	www.betonline.ag	1 redirects www.betonline.ag api.betonline.ag
4	bam-cell.nr-data.net	www.betonline.ag js-agent.newrelic.com api.betonline.ag
3	accdn.lpsnmedia.net	api.betonline.ag lpcdn.lpsnmedia.net
3	rs.fullstory.com	api.betonline.ag
3	www.google-analytics.com	api.betonline.ag
3	fonts.googleapis.com	www.betonline.ag api.betonline.ag
2	lo0.v.liveperson.net	api.betonline.ag
2	lo.idp.liveperson.net	api.betonline.ag lo.idp.liveperson.net
2	edge.fullstory.com	api.betonline.ag
2	lptag.liveperson.net	api.betonline.ag
2	api.xtremepush.com	api.betonline.ag
2	data.kameleoon.io	api.betonline.ag
2	cdn.mxpnl.com	api.betonline.ag
2	mpsnare.iesnare.com	api.betonline.ag
2	www.googletagmanager.com	api.betonline.ag
2	js-agent.newrelic.com	www.betonline.ag api.betonline.ag
1	pixel.sitescout.com	api.betonline.ag
1	pixel-a.basis.net	1 redirects
1	acuityplatform.com	api.betonline.ag
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	api.betonline.ag
1	stats.g.doubleclick.net	api.betonline.ag
1	src.webpu.sh	api.betonline.ag
1	gk2c59ma3x.kameleoon.eu	api.betonline.ag
114	29

This site contains links to these domains. Also see Links.

Domain
www.betonline.ag
betonline.ag
help.betonline.ag

Subject Issuer	Validity	Valid
*.betonline.ag AlphaSSL CA - SHA256 - G4	`2023-01-12` - `2024-02-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-01` - `2024-04-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
webpu.sh R3	`2023-04-26` - `2023-07-25`	3 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
data.kameleoon.io R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.xtremepush.com Go Daddy Secure Certificate Authority - G2	`2022-08-26` - `2023-09-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-05-27` - `2023-08-25`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-05-21` - `2023-08-19`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-03-30` - `2024-03-29`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-10` - `2024-01-10`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Frame ID: 989DE85A52E01A5CDB6A91C80A30078F
Requests: 62 HTTP requests in this frame

Frame: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies/step2.html
Frame ID: E36D3925C4B3059BCE9A475773E605CA
Requests: 2 HTTP requests in this frame

Frame: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 7352558195B783A33F8C7FBF16A17741
Requests: 2 HTTP requests in this frame

Frame: https://www.betonline.ag/assets/silent-iframe.html
Frame ID: D09A0AE9B26CFBFC02F422D72AF191EF
Requests: 1 HTTP requests in this frame

Frame: https://www.betonline.ag/kameleoon-iframe.html
Frame ID: F38BFE53AE9320138C89449CFDFF2F08
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=tlh2a0coot9i
Frame ID: 7A0A4CA9FE1AE471B9220C4390E057BF
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=xfb3mgxfmfnw
Frame ID: 4AA54AE3A51FAFA0FCA2D6C0820A9CAF
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ynkqcoy9knso
Frame ID: D43E6C0E9BA4CD80F5549EB852E18AB5
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=puberqkgh19f
Frame ID: 348217461955FD07F428A18293761DB0
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=zel8g0i8qt44
Frame ID: CD6F7AE6DA28EAD4B82D04D423E65618
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ig2dxapkgzy0
Frame ID: E4C6BD61C3BAF920B20B920D37E9FC64
Requests: 7 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fapi.betonline.ag&site=90263191&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 8A056FF974112031E10375282CB500E0
Requests: 2 HTTP requests in this frame

Frame: https://lo.idp.liveperson.net/postmessage/postmessage.min.html?bust=1688190815515&loc=https%3A%2F%2Fapi.betonline.ag
Frame ID: 92F149AAAD21A5269EC7B3F43F3CB73B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Betonline

Page URL History Show full URLs

https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen... Page URL
https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-w... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

114
Requests

96 %
HTTPS

42 %
IPv6

22
Domains

29
Subdomains

27
IPs

6
Countries

3980 kB
Transfer

12519 kB
Size

26
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.betonline.ag/
Title: Betonline

Search URL Search Domain Scan URL

URL: https://betonline.ag/contact-us
Title: Contact support

Search URL Search Domain Scan URL

URL: https://help.betonline.ag/knowledge-base/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://help.betonline.ag/knowlege-base/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup Page URL
https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.betonline.ag/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Request Chain 10

https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fassets%2Fsilent-iframe.html&state=dc7287ea-fe07-4315-886b-06299e1be399&response_mode=fragment&response_type=code&scope=openid&nonce=110d3bd5-5a3e-4a21-9bb0-fbd424c51109&prompt=none&code_challenge=q4NwlblYojTaRC1dL-hs5dPI0IHsExoKZYowrkxHG0M&code_challenge_method=S256 HTTP 302
https://www.betonline.ag/assets/silent-iframe.html

Request Chain 62

https://pixel-a.basis.net/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256 HTTP 301
https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 deposit Show response
www.betonline.ag/cashier/ 51 KB
15 KB 250ms
214ms Document
text/html 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 66a4e9d0ecbdf22329bd45209f8c1846eb4d6a92e286d72896a8dbdefd4f0958

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7dfc638c3b4a9b58-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 01 Jul 2023 05:53:29 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css
fonts.googleapis.com/ 7 KB
795 B 57ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2170f04df3b7e03e3439440b22f30247a1ee0606d4a0253e159c8a725372ac8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Jul 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Jul 2023 04:58:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Jul 2023 05:53:29 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 56ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Jul 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Jul 2023 05:53:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Jul 2023 05:53:29 GMT

GET
H2 200 keycloak.min.js Show response
api.betonline.ag/api/auth/js/ 38 KB
13 KB 663ms
646ms Script
text/javascript 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/js/keycloak.min.js

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca6c31a4e5a9d464c424222891663cc19814190d7ba96858ff789000c4925f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:29 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, must-revalidate, no-transform, no-store
cf-ray: 7dfc638dac7c9b58-FRA
content-length: 12490
x-xss-protection: 1; mode=block

GET
H2 200 cashier.0e5bfd7d.js Show response
www.betonline.ag/assets/ 5 MB
1 MB 62ms
62ms Script
application/javascript 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/assets/cashier.0e5bfd7d.js
Requested by: Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c29882468ba64910558f1fe142d02dd5a109ba40bc4e449e325ae3de08f6b5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 May 2023 16:41:22 GMT
cf-bgj: minify
server: cloudflare
age: 3400658
etag: W/"4b5e10-18844563b50"
cf-polished: origSize=4939280
vary: Accept-Encoding
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7dfc638decb99b58-FRA
expires: Sun, 30 Jun 2024 05:53:29 GMT

GET
H2 200 step1.html Show response
api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies/ Frame E36D 2 KB
3 KB 192ms
192ms Document
text/html 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa92b70b9ea6064db4e3a28366f77053c89ce83d192f08298b4947d92927f8b

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' https://.google.com https://.betonline.ag https://.lpsnmedia.net https://.liveperson.net https://*.hotjar.com; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.betonline.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
cf-cache-status: DYNAMIC
cf-ray: 7dfc639318aa9b58-FRA
content-length: 2506
content-security-policy: frame-src 'self' https://*.google.com https://*.betonline.ag https://*.lpsnmedia.net https://*.liveperson.net https://*.hotjar.com; object-src 'none';
content-type: text/html;charset=utf-8
date: Sat, 01 Jul 2023 05:53:30 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2

200

invisible.js Show response
www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 7352
Redirect Chain

https://www.betonline.ag/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

7 KB
3 KB

11ms
11ms

Script
application/javascript

104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup

Protocol

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6cd62a84c9c8a741e0a94b5a89a90bc7c8faa77e9e7f0af97cbef9b2c43ed22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7dfc639348ce9b58-FRA

Redirect headers

access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
date: Sat, 01 Jul 2023 05:53:30 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 7dfc639328ba9b58-FRA
vary: accept-encoding

POST
H2 200 7dfc638c3b4a9b58 Show response
www.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7352 0
285 B 32ms
32ms XHR
text/plain 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/7dfc638c3b4a9b58
Requested by: Host: www.betonline.ag
URL: https://www.betonline.ag/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Jul 2023 05:53:30 GMT
content-encoding: br
server: cloudflare
cf-ray: 7dfc639419869b58-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 step2.html Show response
api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies/ Frame E36D 3 KB
3 KB 184ms
184ms Document
text/html 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies/step1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f830d94aa516673a4dbf1da32b512da5fe303efa9bd7833ecd0d3a6e47316e

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' https://.google.com https://.betonline.ag https://.lpsnmedia.net https://.liveperson.net https://*.hotjar.com; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
cf-cache-status: DYNAMIC
cf-ray: 7dfc639459e09b58-FRA
content-length: 2693
content-security-policy: frame-src 'self' https://*.google.com https://*.betonline.ag https://*.lpsnmedia.net https://*.liveperson.net https://*.hotjar.com; object-src 'none';
content-type: text/html;charset=utf-8
date: Sat, 01 Jul 2023 05:53:30 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 nr-spa-1208.min.js Show response
js-agent.newrelic.com/ 42 KB
16 KB 45ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1208.min.js

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
content-encoding: gzip
via: 1.1 varnish
date: Sat, 01 Jul 2023 05:53:30 GMT
strict-transport-security: max-age=300
x-amz-request-id: GVJR72QMS3KAXNJ2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15815
x-amz-id-2: YXUWZCy3gYtzBvnKix7bPZHTeO0JigCrnb+xzgW05KQHvEOu+sy6qaXK8jeb2Zh+F/sHbP3lrVA=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Wed, 10 Mar 2021 16:24:31 GMT
server: AmazonS3
x-timer: S1688190811.527185,VS0,VE0
etag: "d9d4f5c3991c0454eca3e6b2ddfe31d9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 47

GET
H2

200

silent-iframe.html Show response
www.betonline.ag/assets/ Frame D09A
Redirect Chain

https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fassets%2Fsilent-iframe.html&state=dc7287ea-fe07...
https://www.betonline.ag/assets/silent-iframe.html

106 B
329 B

217ms
217ms

Document
text/html

104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/assets/silent-iframe.html
Requested by: Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c49aa13b7dc02f4dce9ae5b902e29e2bcb6df83ea8822b90be4380fbca15ba1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 7dfc6396cc1d9b58-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Jul 2023 05:53:30 GMT
last-modified: Tue, 27 Jun 2023 15:14:08 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

cache-control: no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7dfc63959af79b58-FRA
content-length: 0
date: Sat, 01 Jul 2023 05:53:30 GMT
location: https://www.betonline.ag/assets/silent-iframe.html#error=login_required&state=dc7287ea-fe07-4315-886b-06299e1be399
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 98d3b5cc84
bam-cell.nr-data.net/1/ 56 B
956 B 702ms
635ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/98d3b5cc84?a=1286345432&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1584&ck=1&ref=https://www.betonline.ag/cashier/deposit&be=275&fe=1534&dc=1137&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1688190808957,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:18,%22c%22:18,%22s%22:24,%22ce%22:36,%22rq%22:36,%22rp%22:250,%22rpe%22:253,%22dl%22:253,%22di%22:925,%22ds%22:1137,%22de%22:1150,%22dc%22:1533,%22l%22:1533,%22le%22:1534%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 05:53:31 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzxQiCdVfsylPIjRlWwGg0xcSkZGk%2FgIgACHqi71RWz9QCefDtheSg%2Bd4L5HNf4G7Bwxawpe%2FEM8TpGRQrDgTHsJ%2Fs2uTYoOKqSyRLaBJnLGKRiuoOrTIPFqPKqeKVMg%2FaRs2dD6"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7dfc63964a213a90-FRA

GET auth
api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/ 0
0

GET
H2 200 Primary Request auth Show response
api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/ 60 KB
20 KB 729ms
729ms Document
text/html 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256

Requested by

Host: www.betonline.ag
URL: https://www.betonline.ag/assets/cashier.0e5bfd7d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b9a466c17cbbee49b983b27224424a051aae752d5524051704a15c2fa389e8

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' https://.google.com https://.betonline.ag https://.lpsnmedia.net https://.liveperson.net https://*.hotjar.com; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.betonline.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7dfc63985d459b58-FRA
content-encoding: br
content-language: en
content-security-policy: frame-src 'self' https://*.google.com https://*.betonline.ag https://*.lpsnmedia.net https://*.liveperson.net https://*.hotjar.com; object-src 'none';
content-type: text/html;charset=utf-8
date: Sat, 01 Jul 2023 05:53:31 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK 98d3b5cc84
bam-cell.nr-data.net/events/1/ 24 B
734 B 260ms
259ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/98d3b5cc84?a=1286345432&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=2291&ck=1&ref=https://www.betonline.ag/cashier/deposit
Requested by: Host: www.betonline.ag
URL: https://www.betonline.ag/cashier/deposit?utm_source=Transaction&utm_medium=email&utm_campaign=bol_gen_failed_reup
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 01 Jul 2023 05:53:31 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.betonline.ag
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oTkid9voFdlUDr1H9f4Qxu6JJ4e4llrnD%2BV9BTZa6jHqj6ZhljKlb1qeqjLL6nphyl76MYJlWMiG6OC7r2omsoYD9xYIw%2BDqUjuZs3VwC%2BacTFmI81XchPx87297HLQDAE4SyAu"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7dfc639a4e053a90-FRA
Content-Length: 24

POST 98d3b5cc84
bam-cell.nr-data.net/events/1/ 0
0

POST 98d3b5cc84
bam-cell.nr-data.net/jserrors/1/ 0
0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 944 B
927 B 81ms
24ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&onload=onRecaptchaLoaded

Requested by

Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4403aa03dc71567cea3ed93378cddecbd0c91382ca6e66fd6e4752423e0c56c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 607
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:31 GMT

GET
H2 200 kameleoon.js Show response
gk2c59ma3x.kameleoon.eu/ 187 KB
46 KB 53ms
18ms Script
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gk2c59ma3x.kameleoon.eu/kameleoon.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

400319816c8ff11604c0590fe70c4f856d5bf2d5e5d014ad2fbcb2424fe723fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Jun 2023 01:22:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4085
etag: W/"649250db-2ece8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW2rXNLXF29R9QxgjFzKR4uLGM7LkTuDeQ%2BcvzKqaxzPpfhdN7McvyNtEzmwEm%2BPBNgKfSrie9EoOoBGItvMqi8oGVGuAqBJBMMwcms5TH9f4RylEOHaa7i3bPlXG%2Bjg5vwjYV374HzNuPOoKh%2Bnly3B6ld%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
cf-ray: 7dfc639d2e7a3801-FRA
expires: Sat, 01 Jul 2023 06:15:26 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 427 KB
172 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&onload=onRecaptchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://api.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
85 KB 74ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

686ab60280d22cfc2fd8c767f51c7d723e25f07cb7b67e601f8660bfe6f645f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86452
x-xss-protection: 0
last-modified: Sat, 01 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Jul 2023 05:53:31 GMT

GET
H2 200 kameleoon-iframe.html Show response
www.betonline.ag/ Frame F38B 11 KB
3 KB 195ms
194ms Document
text/html 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/kameleoon-iframe.html
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 53ab674b8feba7795576636aa8fa79ac854a6e2b10071385fe03739045fb2178

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 7dfc639d79a29b58-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 01 Jul 2023 05:53:31 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 login.f3910aa297de80d1f34e.css
api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/ 319 KB
14 KB 770ms
769ms Stylesheet
text/css 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/login.f3910aa297de80d1f34e.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd66e6af8591d1ddf9bd195447391afd1aa0ab06b32e19928c57a230d0d868af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
cf-cache-status: EXPIRED
last-modified: Fri, 30 Jun 2023 21:59:31 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7dfc639dea0a9b58-FRA
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 05:53:32 GMT

GET
H2 200 vendor.b3b7de50c94f8b09ec83.min.js Show response
api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/ 214 KB
74 KB 1086ms
1085ms Script
text/javascript 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/vendor.b3b7de50c94f8b09ec83.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19cc359be5c46d597433edfd8129f4674b6f6a13868b4d0eeeee713e7a615fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
cf-cache-status: EXPIRED
last-modified: Sat, 01 Jul 2023 02:15:02 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7dfc639dea0d9b58-FRA
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 05:53:32 GMT

GET
H2 200 login.5fc22a561eb6188470cf.min.js Show response
api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/ 9 KB
4 KB 666ms
666ms Script
text/javascript 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/login.5fc22a561eb6188470cf.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12b094c2b237f786045c0e2cb740a29f029a3b3e801edca45e307698eebf8b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
cf-cache-status: EXPIRED
last-modified: Fri, 30 Jun 2023 21:59:31 GMT
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7dfc639dea0e9b58-FRA
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 05:53:32 GMT

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 146ms
35ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7d262151848b9ba6034c624ecec9f8d346aea6916f5ec97ae47e73f150f9b8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 05:53:31 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jul 2023 05:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2931
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 01 Jul 2023 07:04:41 GMT

GET
H/1.1 200
OK sdk.js Show response
src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/ 173 KB
37 KB 175ms
88ms Script
text/javascript 52.17.107.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.107.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-107-167.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2e1e2211e73ed30da497cceb67241a5767ae67828ab5afdf44406e859ace5c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 05:53:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 10 May 2023 19:15:35 GMT
x-amz-request-id: 5T0196A6193PMNJ1
ETag: W/"a3fc3b52686d20ad027f5f0a3e023000"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Connection: keep-alive
x-amz-id-2: qe2X+J2OSlJhluv1dKB3ukcvAbkZnmfcexVSz15zebu6L/iyPH7W0xe07TDPGk9QskKsOqc051w=

GET
H2 200 mixpanel-js-wrapper.js Show response
cdn.mxpnl.com/libs/ 3 KB
3 KB 185ms
131ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9502449ac2b03f78eb752b6b2a97180ae5b698da4a77c6ebd957a1c39e0890d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:32 GMT
age: 1
x-guploader-uploadid: ADPycdsWU01V6VSqhHE_C832QYkXG0-oMr_kb5uet55Mcf9gm3YR-J5diTsdnmMOtezi_eWyEZX3l8lFl6e9Ff6_D97r2A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2935
last-modified: Tue, 25 Apr 2023 21:03:37 GMT
server: UploadServer
etag: "9d3bf1685d40ce3ee7430af329db9409"
x-goog-generation: 1682456617206016
x-goog-hash: crc32c=7unirQ==, md5=nTvxaF1Azj7nQwrzKduUCQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 2935
accept-ranges: bytes
expires: Sat, 01 Jul 2023 06:53:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1929158574e2b479244fa9ea88086932cd7c768e62ef370779e8feae2a4897c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 01 Jul 2023 05:53:32 GMT

POST
H/1.1 204
No Content events Show response
data.kameleoon.io/visit/ 0
499 B 143ms
41ms XHR
text/plain 95.217.77.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=gk2c59ma3x&visitorCode=crcynkvhmklcdf26&itp=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.229 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new03.kameleoon.net

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 01 Jul 2023 05:53:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Server: nginx/1.22.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: user-agent,kameleoon-client

POST
H/1.1 204
No Content events Show response
data.kameleoon.io/visit/ 0
499 B 41ms
41ms XHR
text/plain 95.217.77.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=gk2c59ma3x&visitorCode=crcynkvhmklcdf26&itp=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.229 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new03.kameleoon.net

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 01 Jul 2023 05:53:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Server: nginx/1.22.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: user-agent,kameleoon-client

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 24ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/login.f3910aa297de80d1f34e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a34acc028ee66107062677f9fa72567e5f62bd18af7fe466e8f11af6a8234589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Jul 2023 05:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Jul 2023 05:22:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Jul 2023 05:53:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 22ms
21ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=539731251&t=pageview&_s=1&dl=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256&dr=https%3A%2F%2Fwww.betonline.ag%2F&ul=en-us&de=UTF-8&dt=Sign%20in%20to%20Betonline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACACI~&jid=756724790&gjid=941841770&cid=797776546.1688190813&tid=UA-190679354-1&_gid=382080430.1688190813&_r=1&_slc=1&gtm=45He36s0n81WQHV4BL&cd6=not-iframe&cd7=2023-07-01T05%3A53%3A31.898%2B00%3A00&z=223447748

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 05:53:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://api.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-190679354-1&cid=797776546.1688190813&jid=756724790&gjid=941841770&_gid=382080430.1688190813&_u=YEBAAEAAAAAAACACI~&z=313933327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Jul 2023 05:53:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://api.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 29ms
24ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-190679354-1&cid=797776546.1688190813&jid=756724790&_u=YEBAAEAAAAAAACACI~&z=607226909

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 05:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 63ms
25ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-190679354-1&cid=797776546.1688190813&jid=756724790&_u=YEBAAEAAAAAAACACI~&z=607226909

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 05:53:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK deviceCreate Show response
api.xtremepush.com/push/api/ 226 B
917 B 366ms
239ms XHR
application/json 52.17.107.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xtremepush.com/push/api/deviceCreate

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.107.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-107-167.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b3867c6a628a4b8019ae9d8e6fb3bc46b4969d71c875185cd7ace67b2ad2916e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 01 Jul 2023 05:53:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://api.betonline.ag
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
809 B 35ms
35ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f40805dfad17eeb25d91569ad32e8230271cf6e2ded43817d8199c70824f9ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 05:53:32 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sun, 30 Jun 2024 05:53:32 GMT

GET
H2 200 logo.png
api.betonline.ag/api/auth/resources/0pe81/login/newbol/img/ 2 KB
2 KB 738ms
737ms Image
image/png 104.17.65.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.betonline.ag/api/auth/resources/0pe81/login/newbol/img/logo.png?5157e821218753b0d9ebad69fb8348bf

Requested by

Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/resources/0pe81/login/newbol/bundles/login.f3910aa297de80d1f34e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.65.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98d1bd4ba8b8e452d14d242ba5d6af36b55f565c0debe7a687c0d1ca1e8ac2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 01 Jul 2023 02:15:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7dfc63a528989b58-FRA
content-length: 2036
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2023 05:53:33 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 51ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 19909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:21:44 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
49 KB 70ms
32ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:23:10 GMT
x-content-type-options: nosniff
age: 581423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 12:23:10 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7A0A 50 KB
27 KB 45ms
44ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=tlh2a0coot9i

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8c45c89ed1e189aa49e7182811fa40e9fe60c017bd8469286113338a19b74fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H1KitqAewAzBIN1-HgPjnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28077
content-security-policy: script-src 'report-sample' 'nonce-H1KitqAewAzBIN1-HgPjnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 05:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4AA5 50 KB
27 KB 64ms
64ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

430a32e3504b11a7c4cd965652bb4395cb3244150a70e46872492d30d5b85c02

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wba-J4aSGbG_XYKF7SUx5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27950
content-security-policy: script-src 'report-sample' 'nonce-wba-J4aSGbG_XYKF7SUx5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 05:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D43E 50 KB
27 KB 70ms
70ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

edc4cfb9be38ec4af0beed71ff0c889b4c9f71ebed4154446379db7ce9651f21

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9FA9YigYVBiLDDcopXIqBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27977
content-security-policy: script-src 'report-sample' 'nonce-9FA9YigYVBiLDDcopXIqBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 05:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3482 50 KB
27 KB 37ms
36ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eebdcf764dee8b108227d697c76fb5c65ebd48f468374d912eb966d5150f9542

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GoxUKbyKgk3sj1INBj6Ung' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27915
content-security-policy: script-src 'report-sample' 'nonce-GoxUKbyKgk3sj1INBj6Ung' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 05:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CD6F 52 KB
28 KB 69ms
68ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9eeee12d88c3783a77337a9ec23701d6026b229398c11ae20da140b3c9456731

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yZoCC3rwja4_8VOXgnvwZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28977
content-security-policy: script-src 'report-sample' 'nonce-yZoCC3rwja4_8VOXgnvwZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 05:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E4C6 50 KB
27 KB 66ms
64ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad5f59089a06c41b332cc27965e1e76d9149716b7e595f1a6fb23eeca2c24eb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HrELJ5ujilx8redAsWy4DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27856
content-security-policy: script-src 'report-sample' 'nonce-HrELJ5ujilx8redAsWy4DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 05:53:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 230ms
70ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=90263191

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 07 Dec 2022 20:20:28 GMT
server: ws
etag: "6390f58c-1da4"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7588

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 62ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KC6V6402HY&gtm=45je36s0&_p=539731251&cid=797776546.1688190813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688190813&sct=1&seg=0&dl=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256&dr=https%3A%2F%2Fwww.betonline.ag%2F&dt=Sign%20in%20to%20Betonline&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 05:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://api.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 3482 55 KB
24 KB 65ms
22ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=puberqkgh19f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 3482 427 KB
172 KB 108ms
65ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 7A0A 55 KB
24 KB 67ms
30ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 7A0A 427 KB
172 KB 103ms
66ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 4AA5 55 KB
24 KB 53ms
24ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 4AA5 427 KB
172 KB 89ms
60ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame D43E 55 KB
24 KB 61ms
50ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame D43E 427 KB
172 KB 78ms
67ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame E4C6 55 KB
24 KB 44ms
38ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame E4C6 427 KB
172 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame CD6F 55 KB
24 KB 52ms
51ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame CD6F 427 KB
172 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175692
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:07:44 GMT

GET
H/1.1 200 6516535879176609792
acuityplatform.com/Adserver/pxl/ 70 B
506 B 188ms
43ms Image
image/png 154.59.122.74
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acuityplatform.com/Adserver/pxl/6516535879176609792
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.59.122.74 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png
Pragma: no-cache
Date: Sat, 01 Jul 2023 05:53:33 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

GET
H2

200

dd731635ddce362e
pixel.sitescout.com/up/
Redirect Chain

https://pixel-a.basis.net/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri...
https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_u...

43 B
267 B

48ms
17ms

Image
image/gif

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 05:53:32 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256
content-length: 0

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 76ms
15ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 005b5900b7c883605a51064c4d229f497c8ba63718c411f74a071316b33d2e1f

Request headers

Referer
Origin: https://api.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:13:02 GMT
content-encoding: br
age: 2431
x-guploader-uploadid: ADPycduIAXzYYG20UgJQR69E1BnGWnJqex4ME8FazvFkLgR2QuF0jB4b7ESuCWm_acaHpbbuMKYUsOpb3JcQ9_gtWAeQYyE372bG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68503
last-modified: Wed, 28 Jun 2023 13:26:56 GMT
server: UploadServer
etag: "c431892ce89bbd56f16f65946a7f758f"
vary: Accept-Encoding
x-goog-generation: 1687958816246082
x-goog-hash: crc32c=2Iq53w==, md5=xDGJLOibvVbxb2WUan91jw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68503
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 01 Jul 2023 06:13:02 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 23ms
16ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 20:06:04 GMT
content-encoding: gzip
age: 35249
x-guploader-uploadid: ADPycds_Ye3TxAgojQIzCqqZaxf1UM7brN1JTxFIcefwlSs8Yq0HYaBanEUzjwH3KouVnXk7vco7CuBt8c995GmX1dmZxA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Sat, 01 Jul 2023 20:06:04 GMT

POST
H/1.1 200
OK deviceUpdate Show response
api.xtremepush.com/push/api/ 68 B
483 B 33ms
33ms XHR
application/json 52.17.107.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xtremepush.com/push/api/deviceUpdate
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.107.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-107-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 01 Jul 2023 05:53:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: https://api.betonline.ag
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/90263191/configuration/applications/taglets/ 325 KB
115 KB 82ms
69ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/90263191/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

b42c4869214bc308496aa74afd2cd6bbde7d4d8525162d18bbf43b18ecbeaca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1HPCWM-na1/v1/ 4 KB
2 KB 22ms
21ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1HPCWM-na1/v1/web
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f9ef1e9fa9112b3ff5295277707d88c82ba99a2ffe5df839493140dcd9295f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:42:49 GMT
content-encoding: gzip
age: 644
x-guploader-uploadid: ADPycdv9oKni5oFCeaJaMZe8q-Q9qVAJHBgjgHWY6dxpWQgqd79Ixr6k4uGO2Lk9yy4GwqCimRZa5QFwUxGINBB1NxtBSQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1263
last-modified: Sat, 01 Jul 2023 05:41:08 GMT
server: UploadServer
etag: "8673c07c2fc97d99ddcc182bfbf55f22"
x-goog-generation: 1687959068426423
x-goog-hash: crc32c=M9RxNg==, md5=hnPAfC/JfZndzBgr+/VfIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1263
accept-ranges: bytes
content-type: application/json
expires: Sat, 01 Jul 2023 05:57:49 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4AA5 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 278396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4AA5 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 280038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4AA5 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 561948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3482 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 278396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3482 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 280038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3482 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 561948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E4C6 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 278396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E4C6 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 280038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E4C6 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 561948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CD6F 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 278396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD6F 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 280038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD6F 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 561948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7A0A 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 278396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7A0A 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 280038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7A0A 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 561948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 204ms
127ms XHR
application/json 35.186.194.58

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 806e66516bfaf00c64c5c99a16a810a443d52eb905391eb3dcf79f846dda06c8

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://api.betonline.ag
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1482

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D43E 2 KB
2 KB 15ms
15ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 278396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D43E 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 280038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D43E 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 561948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4AA5 102 B
134 B 23ms
23ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=xfb3mgxfmfnw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3482 102 B
134 B 25ms
25ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=puberqkgh19f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E4C6 102 B
134 B 24ms
23ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ig2dxapkgzy0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CD6F 102 B
134 B 24ms
23ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=zel8g0i8qt44
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7A0A 102 B
134 B 24ms
23ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=tlh2a0coot9i
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D43E 102 B
134 B 30ms
27ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfdNXAaAAAAAKMRn94m3qxN2pZXLWsI_6b15C97&co=aHR0cHM6Ly9hcGkuYmV0b25saW5lLmFnOjQ0Mw..&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ynkqcoy9knso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Jul 2023 05:53:33 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/90263191/configuration/setting/accountproperties/ 7 KB
3 KB 140ms
21ms Script
application/javascript 178.249.97.99

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/90263191/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

570aaa046ae16b217f655c1923dcd1aeec60101ecba1c965bf3045e5d7fb68c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: MISS
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sat, 01 Jul 2023 05:54:33 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/ 40 KB
15 KB 237ms
42ms Script
application/javascript 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/ui-framework.js?version=10.28.2.0-release_5584

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 24 Jun 2023 01:26:46 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sun, 30 Jun 2024 05:53:34 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/ 88 KB
30 KB 258ms
62ms Script
application/javascript 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/UMSClientAPI.min.js?version=10.28.2.0-release_5584

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 24 Jun 2023 01:26:46 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sun, 30 Jun 2024 05:53:34 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/ 92 KB
31 KB 278ms
83ms Script
application/javascript 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/lpChatV3.min.js?version=10.28.2.0-release_5584

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 24 Jun 2023 01:26:46 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sun, 30 Jun 2024 05:53:34 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/ 8 KB
3 KB 299ms
104ms Script
application/javascript 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/surveylogicinstance.min.js?version=10.28.2.0-release_5584

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 24 Jun 2023 01:26:46 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sun, 30 Jun 2024 05:53:34 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/90263191/configuration/le-campaigns/ 7 KB
2 KB 151ms
39ms Script
application/javascript 178.249.97.99

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/90263191/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

45158959d1f43b194c540740a8601f69b3151bb5b6f12a0879e7bf9b32b155c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: MISS
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Sat, 01 Jul 2023 05:54:33 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 2 KB
2 KB 115ms
114ms Script
text/javascript 35.186.194.58

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=o-1HPCWM-na1
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cb2f44b46763269eca748f8d5dd3babbd24f5bc793bb9815986fe0ceae35657

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:33 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/ 991 KB
310 KB 43ms
42ms Script
application/javascript 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.28.2.0-release_5584/desktopEmbedded.js?version=10.28.2.0-release_5584

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

15fa1a58b6d9f6744bae558900321f7e256797cf3ed2d6bf60c52e94e4efe629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 24 Jun 2023 01:26:46 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sun, 30 Jun 2024 05:53:34 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 8A05 39 KB
16 KB 42ms
42ms Document
text/html 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fapi.betonline.ag&site=90263191&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Sat, 01 Jul 2023 05:53:34 GMT
expires: Sun, 30 Jun 2024 05:53:34 GMT
last-modified: Fri, 17 Mar 2023 01:15:35 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 37 KB
15 KB 98ms
98ms Script
application/javascript 178.249.97.98

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fapi.betonline.ag&site=90263191&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.98 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 17 Mar 2023 01:15:36 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Sun, 30 Jun 2024 05:53:34 GMT

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/90263191/configuration/domainprotection/ Frame 8A05 113 B
1 KB 53ms
53ms Script
application/javascript 178.249.97.99

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/90263191/configuration/domainprotection/refererrestrictions?cb=lpCb56769x92328

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fapi.betonline.ag&site=90263191&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

d9c5dabd33136621c43b8c6f2bef93adba4dca2b80392e913fcc2c5c65302197

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:34 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
x-envoy-upstream-service-time: 12
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
17 KB 7ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1215.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
via: 1.1 varnish
date: Sat, 01 Jul 2023 05:53:34 GMT
strict-transport-security: max-age=300
x-amz-request-id: REHBJPBACG24286Q
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: OGfcDeP2n+SDNFAgPYiE6c1iaocQwCvCSUVAwcPpTk9ohbExX7trxUYqcoKXxxSaupxJ3LzAR3E=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1688190814.494399,VS0,VE0
etag: "7e1862f7a390ed9fc02c299216395547"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 288

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=539731251&t=timing&_s=2&dl=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256&dr=https%3A%2F%2Fwww.betonline.ag%2F&ul=en-us&de=UTF-8&dt=Sign%20in%20to%20Betonline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3559&pdt=293&dns=0&rrt=1&srt=729&tcp=0&dit=2073&clt=2074&_gst=963&_gbt=1725&_u=YEBAAEABAAAAACACIAC~&jid=&gjid=&cid=797776546.1688190813&tid=UA-190679354-1&_gid=382080430.1688190813&gtm=45He36s0n81WQHV4BL&cd6=not-iframe&cd7=2023-07-01T05%3A53%3A31.898%2B00%3A00&z=1012270352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 23:16:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23803
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 98d3b5cc84 Show response
bam-cell.nr-data.net/1/ 56 B
963 B 271ms
271ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/98d3b5cc84?a=1588652129&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3576&ck=1&ref=https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth&be=882&fe=3559&dc=2074&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1688190810936,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:1,%22rp%22:730,%22rpe%22:1023,%22dl%22:734,%22di%22:2073,%22ds%22:2074,%22de%22:2128,%22dc%22:3559,%22l%22:3559,%22le%22:3560%7D,%22navigation%22:%7B%7D%7D&fp=2034&fcp=2078&jsonp=NREUM.setToken
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 05:53:34 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ6OmVPRhXSzD0%2Bh8M%2BqW%2FZxi6Dob%2BVZ99nvSVARDEbJeug1YHS3xssCXzd%2BytK9r33IQ40JuWmTuvvjaAp9dbQdQjTpnIJjaX3%2BRifyV6NFvscp9H30QpnazCcLeo0G6eaCgQtq"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7dfc63aebc3b3667-FRA

POST
H/1.1 200
OK 98d3b5cc84 Show response
bam-cell.nr-data.net/events/1/ 24 B
738 B 254ms
254ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/98d3b5cc84?a=1588652129&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3856&ck=1&ref=https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 01 Jul 2023 05:53:35 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://api.betonline.ag
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM9fVc%2BExolix6KOhrJXDtnUAw3YRan%2F0HLNDJpMV0uFdvbkSVbcKn1OpsBmlC3lanyJEs8GczOgE3oy0v6NDXE2ZTuUx%2F5a%2BsarZV92eVVId8xoA%2BxzxrPcSE5ZDT6Oc3dwIS7e"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7dfc63b07dd33667-FRA
Content-Length: 24

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 244ms
226ms XHR
application/json 35.186.194.58

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=o-1HPCWM-na1&UserId=13c1e999-cdb5-4867-93b6-2ead58b02aae&SessionId=5b29c803-95dd-47ad-870c-c382f8bb24a8&PageId=e4e73f13-217a-45d8-a317-8ad35fee7bcc&Seq=1&PageStart=1688190813934&PrevBundleTime=0&LastActivity=861&IsNewSession=true
Requested by: Host: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 744c7b627c65603815045dffe15bc2c3b2f1893e02c97873c517021d0f4cb08e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://api.betonline.ag
date: Sat, 01 Jul 2023 05:53:35 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 postmessage.min.html Show response
lo.idp.liveperson.net/postmessage/ Frame 92F1 11 KB
5 KB 139ms
22ms Document
text/html 178.249.96.10

General

Check archive.org

Show headers Download Go to

Full URL

https://lo.idp.liveperson.net/postmessage/postmessage.min.html?bust=1688190815515&loc=https%3A%2F%2Fapi.betonline.ag

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.96.10 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Sat, 01 Jul 2023 05:53:35 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 authorize Show response
lo.idp.liveperson.net/api/account/90263191/anonymous/ Frame 92F1 678 B
2 KB 98ms
98ms XHR
application/json 178.249.96.10

General

Check archive.org

Show headers Download Go to

Full URL

https://lo.idp.liveperson.net/api/account/90263191/anonymous/authorize?__d=17296

Requested by

Host: lo.idp.liveperson.net
URL: https://lo.idp.liveperson.net/postmessage/postmessage.min.html?bust=1688190815515&loc=https%3A%2F%2Fapi.betonline.ag

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.96.10 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

f7e8c0c722b84ff0150c7b4d67055187bdda9d53364b42b8e16d2b132a8e39f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

LP-DOMAIN-REFERER: https://api.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: */*
Referer: https://lo.idp.liveperson.net/postmessage/postmessage.min.html?bust=1688190815515&loc=https%3A%2F%2Fapi.betonline.ag
X-Requested-With: XMLHttpRequest
LP-URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 05:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/json
access-control-allow-origin: https://lo.idp.liveperson.net
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length: 678

GET
H2 200 90263191 Show response
lo0.v.liveperson.net/api/js/ 236 B
1 KB 140ms
45ms Script
application/javascript 178.249.96.141

General

Check archive.org

Show headers Download Go to

Full URL

https://lo0.v.liveperson.net/api/js/90263191?&cb=lpCb99243x52728&t=sp&ts=1688190815504&pid=4158327666&tid=8470153108&pt=Sign%20in%20to%20Betonline&u=https%3A%2F%2Fapi.betonline.ag%2Fapi%2Fauth%2Frealms%2Fbetonline%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dbetonline-web%26redirect_uri%3Dhttps%253A%252F%252Fwww.betonline.ag%252Fcashier%252Fdeposit%253Futm_source%253DTransaction%2526utm_medium%253Demail%2526utm_campaign%253Dbol_gen_failed_reup%26state%3D74ec15a1-d692-4e85-9131-56749f113925%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D0ed9593f-9096-4e86-8389-d694d67431c3%26code_challenge%3D9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0%26code_challenge_method%3DS256&r=https%3A%2F%2Fwww.betonline.ag%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%222b2ea08b-1b10-4fef-aea0-8b1b10dfefe6%22%2C%22account%22%3A%2290263191%22%7D%5D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.96.141 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

97c6f47c9ffa0626f9673dc5665f59926eae8497d332b467f9e2782e03f940b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 90263191 Show response
lo0.v.liveperson.net/api/js/ 111 B
900 B 23ms
23ms Script
application/javascript 178.249.96.141

General

Check archive.org

Show headers Download Go to

Full URL

https://lo0.v.liveperson.net/api/js/90263191?sid=bbCWMbsVQ62ZFokTMSdq4Q&cb=lpCb22169x90949&t=pl&ts=1688190815795&pid=4158327666&tid=8470153108&vid=UwZDdlMjY1NDBhNmVlYmUy

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.96.141 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

764e734dbc489ef69bec69db761c2b769a2a66c6a06b18a8db81ce09ae5475c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.betonline.ag
URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=69b7c1c7-56b0-4c07-95e3-0c4b42193c71&response_mode=fragment&response_type=code&scope=openid&nonce=d3a850db-ed23-4dad-a769-1b8564aa2c5c&code_challenge=qbNVjktp8A0YhY1Fw6xWyul2B63rz4TZIhOZWKVqe94&code_challenge_method=S256

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/events/1/98d3b5cc84?a=1286345432&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=2711&ck=1&ref=https://www.betonline.ag/cashier/deposit

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/jserrors/1/98d3b5cc84?a=1286345432&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=2712&ck=1&ref=https://www.betonline.ag/cashier/deposit

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/3p-cookies	1969-12-31 23:59:59	Name: f5_cspm Value: 1234
api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect	1969-12-31 23:59:59	Name: f5_cspm Value: 1234
api.betonline.ag/api/auth/realms/betonline/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: fe3c196d-2e75-4846-8394-fec5046d4bd5.e78f4bc8538c
api.betonline.ag/api/auth/realms/betonline/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: fe3c196d-2e75-4846-8394-fec5046d4bd5.e78f4bc8538c
api.betonline.ag/api/auth/realms/betonline/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0MmVjYWRjZC00MjBiLTQ0MGItODFhMC1kNGZmZThiOWNhNWQifQ.eyJjaWQiOiJiZXRvbmxpbmUtd2ViIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly93d3cuYmV0b25saW5lLmFnL2Nhc2hpZXIvZGVwb3NpdD91dG1fc291cmNlPVRyYW5zYWN0aW9uJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPWJvbF9nZW5fZmFpbGVkX3JldXAiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vYXBpLmJldG9ubGluZS5hZy9hcGkvYXV0aC9yZWFsbXMvYmV0b25saW5lIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly93d3cuYmV0b25saW5lLmFnL2Nhc2hpZXIvZGVwb3NpdD91dG1fc291cmNlPVRyYW5zYWN0aW9uJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPWJvbF9nZW5fZmFpbGVkX3JldXAiLCJzdGF0ZSI6Ijc0ZWMxNWExLWQ2OTItNGU4NS05MTMxLTU2NzQ5ZjExMzkyNSIsIm5vbmNlIjoiMGVkOTU5M2YtOTA5Ni00ZTg2LTgzODktZDY5NGQ2NzQzMWMzIiwiY29kZV9jaGFsbGVuZ2UiOiI5clpuTUhndkFjeVdjQXQwX0FHdE81OFItYUNJNC1hbDF3Y2lVaEdBT2MwIiwicmVzcG9uc2VfbW9kZSI6ImZyYWdtZW50In19.Pd0FiiSwyvFJdbHBzm1S1A4nagWPsKmUOMOUnTedew0
.betonline.ag/	1970-01-20 15:06:06	Name: CT.CONTENT.NA.STATUS Value: 1
.betonline.ag/	1969-12-31 23:59:59	Name: __cfruid Value: f786a84387435fc0ee22a6d5291c264192ad584a-1688190809
api.betonline.ag/	1969-12-31 23:59:59	Name: _85a6a Value: http://10.0.7.6:8080
www.betonline.ag/	1969-12-31 23:59:59	Name: lastUrlforCashier Value: /
.betonline.ag/	1969-12-31 23:59:59	Name: redirect-to-auth-server Value: 1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: f40a0ae84493ae2d
api.betonline.ag/	1969-12-31 23:59:59	Name: server_persistent Value: !SWhFgClC/djel0KKJcby5Il79pzHsTG6HPHyaEXhv4gRpeyASmNckXS3tLePcco8ywcLbI8Z2r768e8=
.betonline.ag/	1970-01-20 15:06:06	Name: PreviousUrlNav Value: %2Fkameleoon-iframe.html
.betonline.ag/	1970-01-20 21:42:06	Name: kameleoonVisitorCode Value: _js_crcynkvhmklcdf26
mpsnare.iesnare.com/	1970-01-20 21:42:06	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 7+LeZxjd/rXyBinWla/MuYp2dt75quDRN4T1n60RaQE=
.betonline.ag/	1970-01-20 12:57:57	Name: _gid Value: GA1.2.382080430.1688190813
.betonline.ag/	1970-01-20 12:56:30	Name: _gat_UA-190679354-1 Value: 1
.betonline.ag/	1970-01-20 22:32:30	Name: _ga Value: GA1.1.797776546.1688190813
.betonline.ag/	1970-01-20 22:32:30	Name: _ga_KC6V6402HY Value: GS1.1.1688190813.1.0.1688190813.0.0.0
.betonline.ag/	1970-01-20 17:15:42	Name: _xpid Value: 2231513713
.betonline.ag/	1970-01-20 17:15:42	Name: _xpkey Value: qaRxAH78dqIe6sjgD-CAWUc9KftMD4LD
.betonline.ag/	1970-01-20 12:56:32	Name: __cf_bm Value: hpcA6UPBpaoIZS1wauj71iJ.2x0E5UlrPRzWxsfuNnQ-1688190813-0-AZAPHzSwp0hvXYbEjKKI6EgX7cKKmsgSClltvVxvRFka7Nd88UZ1wzvZo7lX3YWdWlr7kLVl+Lnw1rly7gp/C6o=
.acuityplatform.com/	1970-01-20 21:42:06	Name: auid Value: 795593559914
.betonline.ag/	1970-01-20 12:56:32	Name: fs_lua Value: 1.1688190813932
.betonline.ag/	1970-01-20 21:42:06	Name: fs_uid Value: #o-1HPCWM-na1#13c1e999-cdb5-4867-93b6-2ead58b02aae:5b29c803-95dd-47ad-870c-c382f8bb24a8:1688190813932::1#/1719726813
.betonline.ag/	1970-01-20 21:42:06	Name: mp_29807402e754b63235bef724770a9212_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A1891003844f916-0d3e4d13fa421f-6a335054-1d4c00-1891003844f916%22%2C%22%24device_id%22%3A%20%221891003844f916-0d3e4d13fa421f-6a335054-1d4c00-1891003844f916%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.betonline.ag%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.betonline.ag%22%2C%22FullStory%20Session%22%3A%20%22https%3A%2F%2Fapp.fullstory.com%2Fui%2Fo-1HPCWM-na1%2Fclient-session%2F13c1e999-cdb5-4867-93b6-2ead58b02aae%253A5b29c803-95dd-47ad-870c-c382f8bb24a8%3Fintegration_src%3Dmixpanel%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%20114%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.betonline.ag%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.betonline.ag%22%2C%22Most%20Recent%20FullStory%20Session%22%3A%20%22https%3A%2F%2Fapp.fullstory.com%2Fui%2Fo-1HPCWM-na1%2Fclient-session%2F13c1e999-cdb5-4867-93b6-2ead58b02aae%253A5b29c803-95dd-47ad-870c-c382f8bb24a8%3Fintegration_src%3Dmixpanel%22%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256 Message: Refused to frame 'https://pixel-a.basis.net/' because it violates the following Content Security Policy directive: "frame-src 'self' https://.google.com https://.betonline.ag https://.lpsnmedia.net https://.liveperson.net https://*.hotjar.com".
security	error	URL: https://api.betonline.ag/api/auth/realms/betonline/protocol/openid-connect/auth?client_id=betonline-web&redirect_uri=https%3A%2F%2Fwww.betonline.ag%2Fcashier%2Fdeposit%3Futm_source%3DTransaction%26utm_medium%3Demail%26utm_campaign%3Dbol_gen_failed_reup&state=74ec15a1-d692-4e85-9131-56749f113925&response_mode=fragment&response_type=code&scope=openid&nonce=0ed9593f-9096-4e86-8389-d694d67431c3&code_challenge=9rZnMHgvAcyWcAt0_AGtO58R-aCI4-al1wciUhGAOc0&code_challenge_method=S256 Message: Refused to frame 'https://pixel-a.basis.net/' because it violates the following Content Security Policy directive: "frame-src 'self' https://.google.com https://.betonline.ag https://.lpsnmedia.net https://.liveperson.net https://*.hotjar.com".
network	error	Message: A bad HTTP response code (403) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
acuityplatform.com
api.betonline.ag
api.xtremepush.com
bam-cell.nr-data.net
cdn.mxpnl.com
data.kameleoon.io
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
gk2c59ma3x.kameleoon.eu
js-agent.newrelic.com
lo.idp.liveperson.net
lo0.v.liveperson.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
mpsnare.iesnare.com
pixel-a.basis.net
pixel.sitescout.com
region1.google-analytics.com
rs.fullstory.com
src.webpu.sh
stats.g.doubleclick.net
www.betonline.ag
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
api.betonline.ag
bam-cell.nr-data.net
104.17.65.19
151.101.194.137
154.59.122.74
162.247.241.2
178.249.96.10
178.249.96.141
178.249.97.23
178.249.97.98
178.249.97.99
2001:4860:4802:34::36
2600:1901:0:498c::
2606:4700:20::681a:a1e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9c
35.186.194.58
35.201.112.186
52.17.107.167
54.228.71.178
95.217.77.229
98.98.134.242
005b5900b7c883605a51064c4d229f497c8ba63718c411f74a071316b33d2e1f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0f9ef1e9fa9112b3ff5295277707d88c82ba99a2ffe5df839493140dcd9295f2
0fa92b70b9ea6064db4e3a28366f77053c89ce83d192f08298b4947d92927f8b
12b094c2b237f786045c0e2cb740a29f029a3b3e801edca45e307698eebf8b61
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
15fa1a58b6d9f6744bae558900321f7e256797cf3ed2d6bf60c52e94e4efe629
1929158574e2b479244fa9ea88086932cd7c768e62ef370779e8feae2a4897c7
19cc359be5c46d597433edfd8129f4674b6f6a13868b4d0eeeee713e7a615fc5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2170f04df3b7e03e3439440b22f30247a1ee0606d4a0253e159c8a725372ac8f
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
28f830d94aa516673a4dbf1da32b512da5fe303efa9bd7833ecd0d3a6e47316e
2cb2f44b46763269eca748f8d5dd3babbd24f5bc793bb9815986fe0ceae35657
2e1e2211e73ed30da497cceb67241a5767ae67828ab5afdf44406e859ace5c7c
33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
400319816c8ff11604c0590fe70c4f856d5bf2d5e5d014ad2fbcb2424fe723fb
430a32e3504b11a7c4cd965652bb4395cb3244150a70e46872492d30d5b85c02
4403aa03dc71567cea3ed93378cddecbd0c91382ca6e66fd6e4752423e0c56c7
45158959d1f43b194c540740a8601f69b3151bb5b6f12a0879e7bf9b32b155c8
48de7787b8ff87abeca3c8661dfac7d508d596a95f74df6e568d664a1f5600cf
53ab674b8feba7795576636aa8fa79ac854a6e2b10071385fe03739045fb2178
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
570aaa046ae16b217f655c1923dcd1aeec60101ecba1c965bf3045e5d7fb68c2
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
66a4e9d0ecbdf22329bd45209f8c1846eb4d6a92e286d72896a8dbdefd4f0958
686ab60280d22cfc2fd8c767f51c7d723e25f07cb7b67e601f8660bfe6f645f5
744c7b627c65603815045dffe15bc2c3b2f1893e02c97873c517021d0f4cb08e
764e734dbc489ef69bec69db761c2b769a2a66c6a06b18a8db81ce09ae5475c3
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d262151848b9ba6034c624ecec9f8d346aea6916f5ec97ae47e73f150f9b8b0
806e66516bfaf00c64c5c99a16a810a443d52eb905391eb3dcf79f846dda06c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9502449ac2b03f78eb752b6b2a97180ae5b698da4a77c6ebd957a1c39e0890d5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97c6f47c9ffa0626f9673dc5665f59926eae8497d332b467f9e2782e03f940b9
9eeee12d88c3783a77337a9ec23701d6026b229398c11ae20da140b3c9456731
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a34acc028ee66107062677f9fa72567e5f62bd18af7fe466e8f11af6a8234589
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
ad5f59089a06c41b332cc27965e1e76d9149716b7e595f1a6fb23eeca2c24eb8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b3867c6a628a4b8019ae9d8e6fb3bc46b4969d71c875185cd7ace67b2ad2916e
b42c4869214bc308496aa74afd2cd6bbde7d4d8525162d18bbf43b18ecbeaca5
c29882468ba64910558f1fe142d02dd5a109ba40bc4e449e325ae3de08f6b5a0
c49aa13b7dc02f4dce9ae5b902e29e2bcb6df83ea8822b90be4380fbca15ba1c
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
c98d1bd4ba8b8e452d14d242ba5d6af36b55f565c0debe7a687c0d1ca1e8ac2d
ca6c31a4e5a9d464c424222891663cc19814190d7ba96858ff789000c4925f6e
cd66e6af8591d1ddf9bd195447391afd1aa0ab06b32e19928c57a230d0d868af
d6cd62a84c9c8a741e0a94b5a89a90bc7c8faa77e9e7f0af97cbef9b2c43ed22
d8c45c89ed1e189aa49e7182811fa40e9fe60c017bd8469286113338a19b74fb
d9c5dabd33136621c43b8c6f2bef93adba4dca2b80392e913fcc2c5c65302197
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a466c17cbbee49b983b27224424a051aae752d5524051704a15c2fa389e8
edc4cfb9be38ec4af0beed71ff0c889b4c9f71ebed4154446379db7ce9651f21
eebdcf764dee8b108227d697c76fb5c65ebd48f468374d912eb966d5150f9542
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40805dfad17eeb25d91569ad32e8230271cf6e2ded43817d8199c70824f9ce0
f7e8c0c722b84ff0150c7b4d67055187bdda9d53364b42b8e16d2b132a8e39f9
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

api.betonline.ag Open in urlscan Pro 104.17.65.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

96 %HTTPS

42 %IPv6

22 Domains

29 Subdomains

27 IPs

6 Countries

3980 kBTransfer

12519 kBSize

26 Cookies

4 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

api.betonline.ag Open in urlscan Pro
104.17.65.19 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

96 %
HTTPS

42 %
IPv6

22
Domains

29
Subdomains

27
IPs

6
Countries

3980 kB
Transfer

12519 kB
Size

26
Cookies

114 HTTP transactions
0 data transactions