betinvestments.com Open in urlscan Pro
198.71.233.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.betinvestments.com/
Effective URL:
https://betinvestments.com/
Submission: On November 16 via manual (November 16th 2022, 7:40:32 am UTC) from IL — Scanned from DE

Summary HTTP 174 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 11 domains to perform 174 HTTP transactions. The main IP is 198.71.233.13, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is betinvestments.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 22nd 2021. Valid for: a year.

This is the only time betinvestments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	198.71.233.13 198.71.233.13	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
66	162.159.136.45 162.159.136.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3 5	2.16.241.86 2.16.241.86	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
63	34.194.104.115 34.194.104.115	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:7200:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:678c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.44.125.221 52.44.125.221	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	54.231.202.216 54.231.202.216	16509 (AMAZON-02) (AMAZON-02)
174	17

5 198.71.233.13 (Ashburn, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 13.233.71.198.host.secureserver.net

www.betinvestments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
betinvestments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 162.159.136.45 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

0d03cd.a2cdn1.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.241.86 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-86.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 34.194.104.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: app01-e1.truelook.com

app.truelook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:7200:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:678c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.125.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-125-221.compute-1.amazonaws.com

live000-e1.truelook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.202.216 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	secureserver.net 0d03cd.a2cdn1.secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13397	12 MB
65	truelook.com app.truelook.com — Cisco Umbrella Rank: 441347 live000-e1.truelook.com	2 MB
11	gstatic.com fonts.gstatic.com www.gstatic.com	282 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 304 maps.googleapis.com — Cisco Umbrella Rank: 364	11 KB
6	google.com maps.google.com — Cisco Umbrella Rank: 1975	364 KB
5	wsimg.com 3 redirects img1.wsimg.com — Cisco Umbrella Rank: 9159 img6.wsimg.com — Cisco Umbrella Rank: 11386	20 KB
5	betinvestments.com 1 redirects www.betinvestments.com betinvestments.com	1 MB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	174 KB
2	amazonaws.com s3.amazonaws.com
2	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 854	275 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	40 KB
174	11

	Domain	Requested by
66	0d03cd.a2cdn1.secureserver.net	betinvestments.com 0d03cd.a2cdn1.secureserver.net
63	app.truelook.com	betinvestments.com app.truelook.com
7	fonts.gstatic.com	fonts.googleapis.com
6	maps.google.com	app.truelook.com maps.google.com
5	fonts.googleapis.com	betinvestments.com ajax.googleapis.com
4	www.gstatic.com	app.truelook.com www.gstatic.com
4	connect.facebook.net	app.truelook.com connect.facebook.net
4	betinvestments.com	betinvestments.com 0d03cd.a2cdn1.secureserver.net
3	img1.wsimg.com	3 redirects
2	s3.amazonaws.com
2	live000-e1.truelook.com	app.truelook.com
2	events.api.secureserver.net	img1.wsimg.com
2	maps.googleapis.com	maps.google.com
2	cdn.pendo.io	app.truelook.com
2	www.google-analytics.com	app.truelook.com
2	img6.wsimg.com	betinvestments.com
1	ajax.googleapis.com	0d03cd.a2cdn1.secureserver.net
1	www.betinvestments.com	1 redirects
174	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
betinvestments.sherpadesk.com
www.50atgraniterun.com
555flats.com
charlestongreene.com
www.dreshercommons.com
www.dreshertowne.com
www.dublinterrace.com
www.keystoneflats.com
lakewalkathamlin.com
www.mylincolnwoodsapts.com
www.newtownplace.com
www.theprincetonatcollegepark.com
www.theedgewc.com
www.livetheflats.com
residencesud.com
www.westendflatspa.com
www.wynmerechase.com

Subject Issuer	Validity	Valid
betinvestments.com Go Daddy Secure Certificate Authority - G2	`2021-11-22` - `2022-12-24`	a year	crt.sh
*.a2cdn1.secureserver.net Starfield Secure Certificate Authority - G2	`2022-09-13` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.truelook.com GeoTrust RSA CA 2018	`2022-01-13` - `2023-02-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-25` - `2022-11-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2022-08-05` - `2023-09-06`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://betinvestments.com/
Frame ID: CD896FA667D9A14E08A0893AC81DC79E
Requests: 93 HTTP requests in this frame

Frame: https://app.truelook.com/?m=15312163626306825298033
Frame ID: 0DD2D2BCA83B097732EEF63A3C3E73BA
Requests: 43 HTTP requests in this frame

Frame: https://app.truelook.com/?m=15710441798397236393602
Frame ID: C65FDE2DB18EC0E44DA80419782F6C96
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BET Investments | Real Estate Investors and Developers

Page URL History Show full URLs

http://www.betinvestments.com/ HTTP 301
https://betinvestments.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

HeadJS (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

head\.(?:core|load)(?:\.min)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

99 %
HTTPS

63 %
IPv6

11
Domains

18
Subdomains

17
IPs

3
Countries

17612 kB
Transfer

25338 kB
Size

2
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/betinvestments
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/betinvestments1
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betinvestments/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://betinvestments.sherpadesk.com/
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/50atGraniteRun/

Search URL Search Domain Scan URL

URL: https://www.50atgraniterun.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/555flats/

Search URL Search Domain Scan URL

URL: https://555flats.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CharlestonGreeneTownhomes/

Search URL Search Domain Scan URL

URL: https://charlestongreene.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dreshercommons

Search URL Search Domain Scan URL

URL: https://www.dreshercommons.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DreshertowneTownhomesHorsham/

Search URL Search Domain Scan URL

URL: https://www.dreshertowne.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DublinTerraceDresher/

Search URL Search Domain Scan URL

URL: https://www.dublinterrace.com/

Search URL Search Domain Scan URL

URL: https://www.keystoneflats.com/

Search URL Search Domain Scan URL

URL: https://lakewalkathamlin.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lincolnwoods

Search URL Search Domain Scan URL

URL: https://www.mylincolnwoodsapts.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newtownplace/

Search URL Search Domain Scan URL

URL: https://www.newtownplace.com/

Search URL Search Domain Scan URL

URL: https://www.theprincetonatcollegepark.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theedgewestchester/

Search URL Search Domain Scan URL

URL: https://www.theedgewc.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheFlatsat4200

Search URL Search Domain Scan URL

URL: https://www.livetheflats.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ResidencesAtThePromenade

Search URL Search Domain Scan URL

URL: https://residencesud.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/westendflatspa/

Search URL Search Domain Scan URL

URL: https://www.westendflatspa.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WynmereChaseApartments

Search URL Search Domain Scan URL

URL: https://www.wynmerechase.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.betinvestments.com/ HTTP 301
https://betinvestments.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

Request Chain 45

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

174 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
betinvestments.com/
Redirect Chain

http://www.betinvestments.com/
https://betinvestments.com/

256 KB
39 KB

302ms
101ms

Document
text/html

198.71.233.13
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.71.233.13 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

13.233.71.198.host.secureserver.net

Software

openresty /

Resource Hash

6c25079578a423d748502705477d129b3946b5f617ead7decc6b11d2cf7ca976

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1762
content-encoding: gzip
content-length: 39771
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 16 Nov 2022 07:40:24 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,3,24
x-php-version: 8.1
x-xss-protection: 1; mode=block

Redirect headers

Age: 59302
Content-Length: 0
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Nov 2022 15:11:59 GMT
Location: https://betinvestments.com/
Strict-Transport-Security: max-age=300
Vary: User-Agent
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Fawn-Proc-Count: 1,16,24
X-Php-Version: 8.1
X-Redirect-By: WordPress
X-Xss-Protection: 1; mode=block

GET
H2 200 swiper.min.css
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/styles/ 19 KB
3 KB 175ms
127ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/styles/swiper.min.css?ver=6.0.3&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46bbc7b22b8c58dc664cd4b31da0906636b96c8d64b839b1671d3eff081f6c1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:22 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 12:42:21 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae9402cbc990a9-FRA
expires: Sat, 17 Dec 2022 07:40:22 GMT

GET
H2 200 settings.css
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/css/ 51 KB
9 KB 176ms
129ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.15&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b47bf3f2e265a72d087e957182628fb67b9e19ed9470f4b3a3fbec20fd8075ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:22 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 16:14:44 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae9402cbcb90a9-FRA
expires: Sat, 17 Dec 2022 07:40:22 GMT

GET
H2 200 fontello.css
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/font/fontello/css/ 12 KB
3 KB 172ms
126ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.15&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

168642741cf6acd34501d09c8cc1c7e6be332ca9222f3223419bd1664b381839

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:22 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 16:14:44 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae9402cbcc90a9-FRA
expires: Sat, 17 Dec 2022 07:40:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 131ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 07:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 07:05:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 07:40:22 GMT

GET
H2 200 et-divi-dynamic-10778-late.css
0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/ 16 KB
2 KB 123ms
121ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/et-divi-dynamic-10778-late.css?ver=1666668689&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3208b4b1e486296a399984bc45ceb0df6013f7c9103c383c39be2db7cac9a491

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Oct 2022 03:31:29 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94031c4190a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 et-divi-dynamic-10778.css
0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/ 30 KB
4 KB 124ms
123ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/et-divi-dynamic-10778.css?ver=1666668689&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a45b02646d55ff68939811dbd4d335a8fd4c3bd07125a1335fe97f20d284472

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Oct 2022 03:31:29 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94031c4390a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 style.min.css
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/styles/ 11 KB
2 KB 126ms
125ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/styles/style.min.css?ver=1.0.12&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edf92544c1bd1432b517c7014646632bcd4731bebc32350574dd2a3f45c0c88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 12:42:21 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94031c4590a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo:regular,italic,500,500italic,600,600italic,700,700italic|Rubik:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic&subset=latin,latin-ext&display=swap

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d785d7ba52514bbd468fc2443c947864dc5794b47febe0d2bc8816973291971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 07:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 07:40:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 07:40:22 GMT

GET
H2 200 style.css
0d03cd.a2cdn1.secureserver.net/wp-content/themes/bet-investments/ 477 B
289 B 137ms
137ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/bet-investments/style.css?ver=4.18.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6e8ddfa1d8fd89f772d883571bc90f9150374f846f6ceb02fd2973050f9fa1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Nov 2020 17:46:36 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94031c4690a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 jquery.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-includes/js/jquery/ 87 KB
31 KB 133ms
133ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Nov 2022 15:00:18 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94031c4990a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 jquery-migrate.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-includes/js/jquery/ 11 KB
4 KB 126ms
125ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Nov 2022 15:00:18 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94032c4d90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 ds-script.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/themes/bet-investments/ 38 B
148 B 123ms
123ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/bet-investments/ds-script.js?ver=6.0.3&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

525a0b5965a40843f2c2002e1c69c89c693f249cbb25e7d523dadbeee4942f69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Nov 2020 17:46:36 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94032c5490a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 et-core-unified-deferred-10778.min.css
0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/ 15 KB
3 KB 122ms
121ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/et-core-unified-deferred-10778.min.css?ver=1666668689

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca4e47c090820f5a9c92090d9e74bc021afc22075107c63ba2c05347269a1e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Oct 2022 03:31:29 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 76ae94032c5090a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 banner.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2018/08/ 247 KB
248 KB 201ms
182ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2018/08/banner.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535cf59a8deb16003331a1d7ae737e3898b198bfaa713539123a15bc6994871b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=276190
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 253007
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Aug 2018 19:37:06 GMT
server: cloudflare
x-php-version: 8.1
etag: "436de-57392916fdc80"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94045dff90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 760 B
424 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arvo:wght@400;700&display=swap

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

331c783e14d37aa6d6a015557ea33cc0d4a19f55e31fcb543eab85560f6a2e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 07:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 07:40:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 07:40:23 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
417 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 07:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 07:40:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 07:40:23 GMT

GET
H2 200 50-logo-stacked-Final-SQUARE.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 759 KB
760 KB 159ms
141ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/50-logo-stacked-Final-SQUARE.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d10c5a2f6e175ff4fe3c6f71aeb8b28d79d742adf48ab54da37f91a419e4d66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=805798
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 776922
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 16:01:10 GMT
server: cloudflare
x-php-version: 8.1
etag: "c4ba6-5b35e34577d80"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94045e0190a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 555-for-fb-2-01.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 26 KB
26 KB 159ms
141ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/555-for-fb-2-01.png?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907d48a73f404f10b383962579e342fa9efd73c8d26f0cb10964559f0114ef04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=61530
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26462
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 16:17:45 GMT
server: cloudflare
x-php-version: 8.1
etag: "f05a-5b35e6fa5fc40"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94045e0690a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Charleston-Greene-Logo-square.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 39 KB
39 KB 150ms
132ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Charleston-Greene-Logo-square.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33111ed23aad1f40ed99152ffa3a9e76e5716383805f618e489bb53e1893649

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=73619
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39493
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 16:09:04 GMT
server: cloudflare
x-php-version: 8.1
etag: "11f93-5b35e50982800"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94045e0990a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Dresher-Commons-logo-SQUARE.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 969 KB
970 KB 165ms
148ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Dresher-Commons-logo-SQUARE.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9bcf0b5fec29b2d9340ed6481360706e44496328b35396956afa0e307c856a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=1016466
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 992385
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:53:27 GMT
server: cloudflare
x-php-version: 8.1
etag: "f8292-5b35e18beabc0"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e1b90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Dreshertowne-New-Logo-SQUARE.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 754 KB
755 KB 165ms
148ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Dreshertowne-New-Logo-SQUARE.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04bf13384e387922c79342587b99b5f9c1108cce347c4cc11c1eb6bd9be317b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=788838
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772538
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 16:10:28 GMT
server: cloudflare
x-php-version: 8.1
etag: "c0966-5b35e5599e500"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e1d90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Dublin-Terrace-Logo-SQUARE.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 55 KB
55 KB 156ms
140ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Dublin-Terrace-Logo-SQUARE.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29c88b4d1a9f6bf7639b6f3e27dcbef0b014e9e90646315fdf11a7fd3164502

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=78483
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56113
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:51:56 GMT
server: cloudflare
x-php-version: 8.1
etag: "13293-5b35e13521f00"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e1f90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Keystone-Flats-logo-square-scaled.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 909 KB
910 KB 167ms
151ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Keystone-Flats-logo-square-scaled.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f46f64115b9fb8e8b209c6dcc0c2769a82c0d1484e96b8f844f2dd0864f59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=991132
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 931116
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:46:51 GMT
server: cloudflare
x-php-version: 8.1
etag: "f1f9c-5b35e012430c0"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2190a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Lakewalk-L-logo-orange.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 23 KB
23 KB 429ms
414ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Lakewalk-L-logo-orange.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d137f8d47682d72b90450e1ab64eb114d7b357fe1794ef430dba4f38e16276

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=49214
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23263
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 17:28:39 GMT
server: cloudflare
x-php-version: 8.1
etag: "c03e-5b35f6d34dfc0"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2290a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Lincoln-Woods-Facebook.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 60 KB
60 KB 157ms
142ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Lincoln-Woods-Facebook.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9c1f2be8878457719272a82d9b428dc315f65a6e594fe7b26843578ec08f35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=144048
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61640
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 16:06:35 GMT
server: cloudflare
x-php-version: 8.1
etag: "232b0-5b35e47b698c0"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2390a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 New-Newtown-Place-Stacked.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 19 KB
19 KB 162ms
147ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/New-Newtown-Place-Stacked.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9020dcc69668efca4429d4c481046bf9bf9722d2ab808f02415be751b849900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=51798
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19783
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:56:23 GMT
server: cloudflare
x-php-version: 8.1
etag: "ca56-5b35e233c37c0"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2490a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 princeton-square-logo.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 15 KB
15 KB 162ms
149ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/princeton-square-logo.png?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cba33a1af5ee1a9021657401296b8e69b7e5897a46430eed31aa68e6881d37cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=21039
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15341
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:07:51 GMT
server: cloudflare
x-php-version: 8.1
etag: "522f-5b35d75aa9fc0"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2790a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Edge-at-West-Chester-Logo-SQUARE.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 42 KB
42 KB 164ms
151ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Edge-at-West-Chester-Logo-SQUARE.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

485bc5603124f8f36a7b7aa810896e3cca81981472dcf21a7e8b9de62b59f851

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=69322
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43002
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:55:00 GMT
server: cloudflare
x-php-version: 8.1
etag: "10eca-5b35e1e49bd00"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2990a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 The-Flats-at-4200-Logo-SQUARE.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 838 KB
839 KB 164ms
152ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/The-Flats-at-4200-Logo-SQUARE.jpg?time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bcec9d70616cb46c24d68f5ef09bbeea2ed762d6c08c6726cb260e1f0f1671d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=890006
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 857874
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 15:59:22 GMT
server: cloudflare
x-php-version: 8.1
etag: "d9496-5b35e2de78a80"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94046e2b90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 base.css
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/css/ 4 KB
904 B 156ms
133ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/css/base.css?ver=6.0.3&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c19e5239c7232c82c1c1b51812b4a981c4095f857cca95d8ce0815bc727319f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Nov 2022 03:42:09 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94044dd290a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 sow-post-carousel-base-ad93eedad001.css
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/siteorigin-widgets/ 3 KB
539 B 151ms
125ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/siteorigin-widgets/sow-post-carousel-base-ad93eedad001.css?ver=6.0.3&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c72309dec94cefb9d5a470965c967405609cbfad6925a071fb35115d13cff411

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Nov 2022 03:48:37 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94044ddf90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 slick.css
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/css/lib/ 1 KB
518 B 149ms
124ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/css/lib/slick.css?ver=1.8.1&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dda4ea66078a8c2405497746714e305843e22b0b37d0e81b778031c8398bfe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Nov 2022 03:42:09 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94044de290a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 swiper.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/scripts/ 135 KB
35 KB 151ms
126ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/scripts/swiper.min.js?ver=5.2.1&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a75aa5bab9865958cd01d39856dc37e96491296ef55f5d2fdce2915b1ea1c58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 12:42:21 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94044de590a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 scripts.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/js/ 268 KB
60 KB 176ms
152ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543abcc9b648e8163b776c15632a566251717566a4d724f9939bef59399eefc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 04:41:03 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045de790a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 jquery.fitvids.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 153ms
128ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.18.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 04:41:04 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045deb90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 jquery.mobile.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
3 KB 152ms
128ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=4.18.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 04:41:04 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045dec90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 easypiechart.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 9 KB
3 KB 141ms
117ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.18.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 04:41:04 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045ded90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 frontend-bundle.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/scripts/ 4 KB
1 KB 164ms
141ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/dg-blog-carousel/scripts/frontend-bundle.min.js?ver=1.0.12&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfebe0f52ced8bc7062d12767d5e3df778ab0f93e1cf05147e08aaf9e62205f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 12:42:21 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045df090a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 common.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/core/admin/js/ 1 KB
678 B 179ms
156ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-backend: local
age: 446071
x-cacheable: YES
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 04:41:06 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cf-ray: 76ae94045df290a9-FRA

GET
H2 200 slick.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/js/lib/ 42 KB
11 KB 152ms
130ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/js/lib/slick.min.js?ver=1.8.1&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aaadfd2a24a912fcca1403c0e627f4f3fe642aa2637e51bfed35b226e1d0589

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Nov 2022 03:42:08 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045df590a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 carousel.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/js/ 6 KB
2 KB 161ms
139ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/js/carousel.min.js?ver=1.44.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd933439ed8a5f9d344f111861f096a1184f41f07c5873c7e83edc04c64443e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Nov 2022 03:42:08 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045df790a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 script.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/js/ 665 B
422 B 153ms
131ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/js/script.min.js?ver=1.44.0&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5af4d9c3ded42f070565b7f2e1f32df69f86cf51334dc2b3034942dc0ae49f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Nov 2022 03:42:09 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 76ae94045df890a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 rbtools.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/ 126 KB
49 KB 163ms
142ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/rbtools.min.js?ver=6.5.14&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c6e9fccae16e121eb4fd7800a79bca62d9bcfb760ca55e26bb4b441d48cb67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 16:14:43 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045dfa90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 esg.min.js Show response
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/ 152 KB
35 KB 162ms
142ms Script
application/javascript 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/esg.min.js?ver=3.0.15&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b6b0946ac6f05bafc3c65b5bfc2d6688dfb6afcb865e2f80e7aa79fb2005bb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 16:14:43 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
cf-ray: 76ae94045dfe90a9-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

44 KB
11 KB

9ms
9ms

Script
application/javascript

2.16.241.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Requested by: Host: betinvestments.com
URL: https://betinvestments.com/
Protocol: H2
Server: 2.16.241.86 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 135
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-encoding: br
date: Wed, 16 Nov 2022 07:40:23 GMT
x-amz-request-id: N5JSXGJTVEFZM8E9
x-edgeconnect-midmile-rtt: 15
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11155
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
etag: "362d20193a8fed115f99b16a157b7fc4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
access-control-allow-origin: *
date: Wed, 16 Nov 2022 07:40:23 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Wed, 16 Nov 2022 08:10:23 GMT

GET
H2

200

tti.min.js Show response
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

24 KB
8 KB

14ms
8ms

Script
application/javascript

2.16.241.86
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by: Host: betinvestments.com
URL: https://betinvestments.com/
Protocol: H2
Server: 2.16.241.86 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 148
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding: br
date: Wed, 16 Nov 2022 07:40:23 GMT
x-amz-request-id: 836GEDG87AEEPZ3V
x-edgeconnect-midmile-rtt: 1
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7498
x-amz-id-2: 1p573ITy0o0T0ufkOZkP/+OCkgNr0sxd/pCUSQaWmdftOrsA/CN9I7heKTs2+rnywAcwGtmX76o=
last-modified: Tue, 18 Jan 2022 02:54:27 GMT
etag: "ce554d2333f3801abafb32da18213ff7"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin: *
date: Wed, 16 Nov 2022 07:40:23 GMT
cache-control: max-age=1800
timing-allow-origin: *
content-length: 0
expires: Wed, 16 Nov 2022 08:10:23 GMT

GET
H3 200 modules.ttf
0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
39 KB 152ms
126ms Font
font/ttf 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betinvestments.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES:Forced
x-backend: local
cf-cache-status: DYNAMIC
age: 54129
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 14 Oct 2022 04:41:06 GMT
x-php-version: 8.1
server: cloudflare
etag: W/"168f0-5eaf73be28e5a"
vary: User-Agent, Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
x-cache-hit: HIT
cf-ray: 76ae94046ee0901f-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 142ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 314692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 16:15:31 GMT

GET
DATA 200
OK truncated
/ 232 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e66878dc400a4e12b66e3028a2ba318987ef11c7064978dc9f5bcd4492ae2ded

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 6-1.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/ 1 MB
1 MB 127ms
126ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/6-1.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1565eb0cd35a887b9e8bfb6d144f795066e5e453505ab40aa11a0765f5b1b759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=1408506
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1288808
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 10 Feb 2021 19:35:26 GMT
server: cloudflare
x-php-version: 8.1
etag: "157dfa-5bb008140b67f"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94045ff59a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v18/ 31 KB
31 KB 215ms
134ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:regular,italic,500,500italic,600,600italic,700,700italic|Rubik:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:43:28 GMT
x-content-type-options: nosniff
age: 115015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31516
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:34:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:43:28 GMT

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd5513e8d290e2e9109b4583b7c11dc859741bd1740a11dbccdca69d719f28b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK / Show response
app.truelook.com/ Frame 0DD2 120 KB
31 KB 617ms
214ms Document
text/html 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/?m=15312163626306825298033

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

921d280692bf4760e1d7f1656d20003069a68991de26a61483524a973fdd8159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://betinvestments.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=14400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 16 Nov 2022 07:40:23 GMT
ETag: W/"633dd36c-1de20"
Expires: Wed, 16 Nov 2022 11:40:23 GMT
Last-Modified: Wed, 05 Oct 2022 18:56:44 GMT
Server: nginx/1.20.1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
app.truelook.com/ Frame C65F 120 KB
31 KB 618ms
215ms Document
text/html 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/?m=15710441798397236393602

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

921d280692bf4760e1d7f1656d20003069a68991de26a61483524a973fdd8159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://betinvestments.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=14400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 16 Nov 2022 07:40:23 GMT
ETag: W/"633dd36c-1de20"
Expires: Wed, 16 Nov 2022 11:40:23 GMT
Last-Modified: Wed, 05 Oct 2022 18:56:44 GMT
Server: nginx/1.20.1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 et-divi-dynamic-10778-late.css
betinvestments.com/wp-content/et-cache/10778/ 16 KB
2 KB 208ms
201ms Stylesheet
text/css 198.71.233.13
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://betinvestments.com/wp-content/et-cache/10778/et-divi-dynamic-10778-late.css

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.71.233.13 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

13.233.71.198.host.secureserver.net

Software

openresty /

Resource Hash

3208b4b1e486296a399984bc45ceb0df6013f7c9103c383c39be2db7cac9a491

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
x-backend: local
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 441035
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 1419
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Oct 2022 03:31:29 GMT
server: openresty
x-php-version: 8.1
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H3 200 The_Promenade_at_Granite_Run_-_Baltimore_Pike_and_Middletown_Rd__Media__PA-20191215213941-2-3-272x182.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/03/ 17 KB
17 KB 262ms
258ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/03/The_Promenade_at_Granite_Run_-_Baltimore_Pike_and_Middletown_Rd__Media__PA-20191215213941-2-3-272x182.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3367d93f2c52ebdec917a5171c72318e67668bb4f7b35bba15358521e376be1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=17210
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17035
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 13 Mar 2020 14:21:22 GMT
server: cloudflare
x-php-version: 8.1
etag: "433a-5a0bd2f09fc80"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8e99a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Michael-272x182.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/03/ 14 KB
14 KB 263ms
259ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/03/Michael-272x182.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d1b5d4ab6434281db1bc504bfba743bebd8d6c65f9348c358b2b610a9e119d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=14416
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14249
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 13 Mar 2020 16:36:26 GMT
server: cloudflare
x-php-version: 8.1
etag: "3850-5a0bf12133680"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8eb9a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 arizona-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2022/09/ 76 KB
76 KB 263ms
260ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2022/09/arizona-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d211c2b23d883f971e5a04702b727ab8761f1688a0112bcadb66f79ee6ff451e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=78350
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77606
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 20 Sep 2022 14:30:48 GMT
server: cloudflare
x-php-version: 8.1
etag: "1320e-5e91cacabb6e3"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8ec9a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Cream-We-Are-Open-Instagram-Post-1-2-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2022/03/ 43 KB
44 KB 264ms
261ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2022/03/Cream-We-Are-Open-Instagram-Post-1-2-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c537690f0889a6294d8cfa1a289610cd1d0f1a91ca7e7e62238dcbd0fd2c5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=49681
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44267
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 02 Mar 2022 16:26:05 GMT
server: cloudflare
x-php-version: 8.1
etag: "c211-5d93ebd021bc9"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8ed9a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Open-Now-1-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/12/ 47 KB
48 KB 265ms
262ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/12/Open-Now-1-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c02236efdf106e232c8782ff3c2f525304421187b15f89668852096ea14efc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=53683
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48543
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Dec 2021 18:48:26 GMT
server: cloudflare
x-php-version: 8.1
etag: "d1b3-5d35bfc005fef"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8f09a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 image-1-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/10/ 30 KB
30 KB 267ms
264ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/10/image-1-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fb193fec34b8d84e892ae13185c203b64f6c3cd8d95f766103eb0f62f79e26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=33132
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30702
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 04 Oct 2021 15:43:52 GMT
server: cloudflare
x-php-version: 8.1
etag: "816c-5cd88c7ac3fb6"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8f19a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Nail-Salon-Promotion-Instagram-Post-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/09/ 91 KB
91 KB 267ms
264ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/09/Nail-Salon-Promotion-Instagram-Post-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d831d79a2b50c2322564423a2b7fcb9490bbe364613326dba2cece2962ac8c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=104694
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92719
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 29 Sep 2021 19:15:55 GMT
server: cloudflare
x-php-version: 8.1
etag: "198f6-5cd2728d2017e"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8f39a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Grand-Opening-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/09/ 50 KB
50 KB 269ms
266ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/09/Grand-Opening-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0a83c52059b10ec3faa24d94628faac9c145524ce360a93f7d32133a0329959

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=57260
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51209
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 10 Sep 2021 15:29:44 GMT
server: cloudflare
x-php-version: 8.1
etag: "dfac-5cba5c8eaddb5"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8f59a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Mint-Green-and-Black-Photographer-Desk-Instagram-Post-2-272x182.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/01/ 94 KB
94 KB 269ms
267ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/01/Mint-Green-and-Black-Photographer-Desk-Instagram-Post-2-272x182.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7a8906929c78df8a9b0dc2a18a3443cbbc986ce0b7eee553094d8ddc427b55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=107681
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95915
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Jan 2021 15:52:38 GMT
server: cloudflare
x-php-version: 8.1
etag: "1a4a1-5b8b603087d80"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8f69a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 PGR-with-Badge-1-272x182.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/03/ 19 KB
19 KB 271ms
268ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/03/PGR-with-Badge-1-272x182.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e756c181bec847fa1c26883334b26389d935cddb22c05ce35eff0ee4c2d4c88c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=19348
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19221
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 09 Mar 2020 14:35:17 GMT
server: cloudflare
x-php-version: 8.1
etag: "4b94-5a06ce9719340"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae9404c8f89a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 Blueprint.jpg
betinvestments.com/wp-content/uploads/2016/03/ 1 MB
1 MB 204ms
202ms Image
image/jpeg 198.71.233.13
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betinvestments.com/wp-content/uploads/2016/03/Blueprint.jpg

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/et-core-unified-deferred-10778.min.css?ver=1666668689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.71.233.13 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

13.233.71.198.host.secureserver.net

Software

openresty /

Resource Hash

7036b60fb78062c524c1c1af15e469e955071c72a32632a8220adda9893618b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0d03cd.a2cdn1.secureserver.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 441035
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 1106335
x-xss-protection: 1; mode=block
last-modified: Tue, 10 May 2016 20:30:39 GMT
server: openresty
x-php-version: 8.1
etag: "10e19f-53282cc57d9c0"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 office.jpg
betinvestments.com/wp-content/uploads/2021/02/ 340 KB
341 KB 105ms
103ms Image
image/jpeg 198.71.233.13
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betinvestments.com/wp-content/uploads/2021/02/office.jpg

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/et-cache/10778/et-core-unified-deferred-10778.min.css?ver=1666668689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.71.233.13 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

13.233.71.198.host.secureserver.net

Software

openresty /

Resource Hash

7832298cce2eed64896c0a1c06982a4c806f23078b82d67931dc95c7e1fb422b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0d03cd.a2cdn1.secureserver.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 441035
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 348597
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Feb 2021 19:40:34 GMT
server: openresty
x-php-version: 8.1
etag: "551b5-5bb00939953a5"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 319 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0eb4b43145ffb8ec00c6f0e8107c1104fa8655241cdc47e113a2b38af3f8f0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9c481b33103b23a3cd7010e91486dde5434c90f0e9727fa8fc77f560aac53c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec7f9b0ceb5ee56d52350ca540ed1a295ad5523b3ca0e11f8fc777ebecf0ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4780c7618901aa889cd7026409d46c4e013913af20643c01b5c5fbcdd867e54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ 33 KB
33 KB 113ms
102ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:08:48 GMT
x-content-type-options: nosniff
age: 124295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33580
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:08:48 GMT

GET
H3 200 style.min.css
0d03cd.a2cdn1.secureserver.net/wp-includes/css/dist/block-library/ 87 KB
12 KB 206ms
204ms Stylesheet
text/css 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3&time=1668138133

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Nov 2022 15:00:18 GMT
x-php-version: 8.1
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 76ae940529c19a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 carousel-arrows.woff
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/css/fonts/ 1 KB
1 KB 131ms
130ms Font
font/woff 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/css/fonts/carousel-arrows.woff?-95vnmw

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/css/base.css?ver=6.0.3&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db58003639201f702240221b128a1a23b2b4c211eefcf723520167eb065c95b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/so-widgets-bundle/widgets/post-carousel/css/base.css?ver=6.0.3&time=1668138133
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1112
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Oct 2022 16:08:56 GMT
x-php-version: 8.1
server: cloudflare
etag: "458-5eaecb9f509f3"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94054842901f-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 Promenade-at-Upper-Dublin-Photography-004_Page_06_Image_0001-1.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/ 989 KB
990 KB 163ms
162ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/Promenade-at-Upper-Dublin-Photography-004_Page_06_Image_0001-1.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff09c6612b0c23cbcfdad7ab9256743cdf27f53623cc4905b502cca941628713

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=1124889
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1013005
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 08 Feb 2021 18:15:01 GMT
server: cloudflare
x-php-version: 8.1
etag: "112a19-5bad7260095d4"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94070d5d9a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 2-1.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/ 821 KB
822 KB 172ms
171ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/2-1.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c99a0d7b4f3ae49b6934939b44ffddcc1cab66c761cdb5008adc157cd8016ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=932786
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 840950
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 10 Feb 2021 19:35:12 GMT
server: cloudflare
x-php-version: 8.1
etag: "e3bb2-5bb00806da0e4"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94070d5f9a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 9.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/ 1 MB
1 MB 135ms
134ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/9.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb29eb731e993785398ba70bb17926c80e0652330a99a3967612f6b50ab56811

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=1182351
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087346
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 10 Feb 2021 19:35:35 GMT
server: cloudflare
x-php-version: 8.1
etag: "120a8f-5bb0081d11ce7"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94070d629a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 6.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/ 829 KB
829 KB 121ms
120ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/6.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eee9b8eccd2fe5e3cee1930cf55b49aa1d49ce00e1cca750280103e097303d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=935843
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 848834
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 08 Feb 2021 19:33:52 GMT
server: cloudflare
x-php-version: 8.1
etag: "e47a3-5bad83ff9e458"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94070d649a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 13.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/ 815 KB
816 KB 262ms
261ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/02/13.jpg

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47efc979e7436a1784f0ba94c9bd825ded1fbed72c848aabff3239d07c580b19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=939164
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 834669
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 10 Feb 2021 19:35:47 GMT
server: cloudflare
x-php-version: 8.1
etag: "e549c-5bb0082861ecb"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94070d669a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 3_Fountain.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/03/ 696 KB
697 KB 144ms
143ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2021/03/3_Fountain.png

Requested by

Host: betinvestments.com
URL: https://betinvestments.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3773a2e4c56d57be1244c88bf966da640bbc77fcd91ecbffdbc2f5547cbe87a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=718633
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 712651
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 29 Mar 2021 17:01:37 GMT
server: cloudflare
x-php-version: 8.1
etag: "af729-5beafd5afcaf2"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94070d679a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H3 200 loader.gif
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/images/ 2 KB
2 KB 275ms
274ms Image
image/gif 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/images/loader.gif

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.15&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f342473e9676e3af37e18ec34a45321c7864047127a4dd044bcc48596276b54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.15&time=1668138133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=2545
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2093
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 02 Mar 2022 16:14:44 GMT
server: cloudflare
x-php-version: 8.1
etag: "9f1-5d93e9461703a"
vary: Accept-Encoding
content-type: image/gif
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94073dc69a2d-FRA
expires: Sat, 17 Dec 2022 07:40:23 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/esg.min.js?ver=3.0.15&time=1668138133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 12:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 12:34:33 GMT

GET
H3 200 css
fonts.googleapis.com/ 27 KB
1 KB 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800%7CRaleway:100,200,300,400,500,600,700,800,900%7CDroid+Serif:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed9a3e12f72df435c1e1f787456c10ea800d370ba0611c27fff02608e73dc514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Nov 2022 07:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 07:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Nov 2022 07:40:23 GMT

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
45 KB 125ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800%7CRaleway:100,200,300,400,500,600,700,800,900%7CDroid+Serif:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 08:23:46 GMT
x-content-type-options: nosniff
age: 429397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 08:23:46 GMT

GET
H3 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 148ms
64ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800%7CRaleway:100,200,300,400,500,600,700,800,900%7CDroid+Serif:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:35:31 GMT
x-content-type-options: nosniff
age: 32692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 22:35:31 GMT

GET
H3 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 127ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800%7CRaleway:100,200,300,400,500,600,700,800,900%7CDroid+Serif:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:31:00 GMT
x-content-type-options: nosniff
age: 324563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:31:00 GMT

GET
H/1.1 200
OK head.load.min.js Show response
app.truelook.com/scripts/libs/ Frame 0DD2 4 KB
2 KB 103ms
103ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/head.load.min.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

2241b389694144e159b8bbade5246c605ad9fbbfd3b53235c84682057130ae4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 15:49:28 GMT
Server: nginx/1.20.1
ETag: W/"5783c008-11fe"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:23 GMT

GET
H/1.1 200
OK settings.png
app.truelook.com/img/icons/ Frame 0DD2 17 KB
17 KB 103ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/icons/settings.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

723c895397c0be35b88eec38aa89318c4b9c2ddf34576c87951f83a429302048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 13 May 2014 14:09:58 GMT
Server: nginx/1.20.1
ETag: "537227b6-4316"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17174
Expires: Fri, 16 Dec 2022 07:40:23 GMT

GET
H/1.1 200
OK truelook-logo.png
app.truelook.com/img/ Frame 0DD2 3 KB
4 KB 107ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/truelook-logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

04e47818bd6bcf44fb0dc1b7894382435b6dbb04929b3087e035287913828542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:42 GMT
Server: nginx/1.20.1
ETag: "5aaae76a-cd4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3284
Expires: Fri, 16 Dec 2022 07:40:23 GMT

GET
H/1.1 200
OK logo-dark.png
app.truelook.com/img/ Frame 0DD2 2 KB
3 KB 367ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/logo-dark.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

c18024505ce117cd3e23d852dd45b36f2fea05e2d1d9441fcff92fdbe9c50ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 27 Apr 2018 16:22:24 GMT
Server: nginx/1.20.1
ETag: "5ae34e40-9b8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2488
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown2.png
app.truelook.com/img/ Frame 0DD2 27 KB
28 KB 314ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown2.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

e482567116be3a36439212ba497b334a53a67469f7271fb38828218c45166b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 17:15:08 GMT
Server: nginx/1.20.1
ETag: "5373a49c-6cea"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27882
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown3.png
app.truelook.com/img/ Frame 0DD2 21 KB
21 KB 406ms
203ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown3.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

d4538f66e2db1b502e29f5cc4b0abaf71268935792a87a8a2c392e745cabfeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 18:31:45 GMT
Server: nginx/1.20.1
ETag: "5373b691-5433"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21555
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK tl_logo.png
app.truelook.com/img/ Frame 0DD2 12 KB
12 KB 301ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/tl_logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

68e86a4c2211bebe83069b83bb425b65bbbec026b7100a8d74db36c16ac559f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:20 GMT
Server: nginx/1.20.1
ETag: "5aaae754-2ffc"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK loader_green2.gif
app.truelook.com/img/ Frame 0DD2 8 KB
9 KB 309ms
101ms Image
image/gif 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/loader_green2.gif

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

df44f1162aa0b2fab3d2f936c25d5d150c1e6d3ed8204fe4d1d955418dc7450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 13 May 2014 14:09:59 GMT
Server: nginx/1.20.1
ETag: "537227b7-20ad"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8365
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK head.load.min.js Show response
app.truelook.com/scripts/libs/ Frame C65F 4 KB
2 KB 105ms
102ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/head.load.min.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

2241b389694144e159b8bbade5246c605ad9fbbfd3b53235c84682057130ae4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 15:49:28 GMT
Server: nginx/1.20.1
ETag: W/"5783c008-11fe"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:23 GMT

GET
H/1.1 200
OK settings.png
app.truelook.com/img/icons/ Frame C65F 17 KB
17 KB 210ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/icons/settings.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

723c895397c0be35b88eec38aa89318c4b9c2ddf34576c87951f83a429302048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 13 May 2014 14:09:58 GMT
Server: nginx/1.20.1
ETag: "537227b6-4316"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17174
Expires: Fri, 16 Dec 2022 07:40:23 GMT

GET
H/1.1 200
OK truelook-logo.png
app.truelook.com/img/ Frame C65F 3 KB
4 KB 410ms
105ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/truelook-logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

04e47818bd6bcf44fb0dc1b7894382435b6dbb04929b3087e035287913828542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:42 GMT
Server: nginx/1.20.1
ETag: "5aaae76a-cd4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK logo-dark.png
app.truelook.com/img/ Frame C65F 2 KB
3 KB 150ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/logo-dark.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

c18024505ce117cd3e23d852dd45b36f2fea05e2d1d9441fcff92fdbe9c50ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 27 Apr 2018 16:22:24 GMT
Server: nginx/1.20.1
ETag: "5ae34e40-9b8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2488
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown2.png
app.truelook.com/img/ Frame C65F 27 KB
28 KB 212ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown2.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

e482567116be3a36439212ba497b334a53a67469f7271fb38828218c45166b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 17:15:08 GMT
Server: nginx/1.20.1
ETag: "5373a49c-6cea"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27882
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown3.png
app.truelook.com/img/ Frame C65F 21 KB
21 KB 213ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown3.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

d4538f66e2db1b502e29f5cc4b0abaf71268935792a87a8a2c392e745cabfeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 18:31:45 GMT
Server: nginx/1.20.1
ETag: "5373b691-5433"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21555
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK tl_logo.png
app.truelook.com/img/ Frame C65F 12 KB
12 KB 212ms
103ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/tl_logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

68e86a4c2211bebe83069b83bb425b65bbbec026b7100a8d74db36c16ac559f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:20 GMT
Server: nginx/1.20.1
ETag: "5aaae754-2ffc"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK loader_green2.gif
app.truelook.com/img/ Frame C65F 8 KB
9 KB 314ms
102ms Image
image/gif 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/loader_green2.gif

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

df44f1162aa0b2fab3d2f936c25d5d150c1e6d3ed8204fe4d1d955418dc7450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 13 May 2014 14:09:59 GMT
Server: nginx/1.20.1
ETag: "537227b7-20ad"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8365
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK tl-icons-v4.min.css
app.truelook.com/css/icons/ Frame 0DD2 30 KB
8 KB 108ms
103ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons/tl-icons-v4.min.css?v=1476280033

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

72446eb2da18d5952b834c8482206a0c60e3889cf68ab6e29028db0d95cf9aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:19 GMT
Server: nginx/1.20.1
ETag: W/"633dd353-77f2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:23 GMT

GET
H/1.1 200
OK custom.min.css
app.truelook.com/css/icons.new/css/ Frame 0DD2 693 B
1 KB 205ms
102ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons.new/css/custom.min.css?v=1525117328

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

a814cae51a97f9d6998c095abdb377137e69dd27cf70b8a54351ba624223049d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 05 Oct 2022 18:56:21 GMT
Server: nginx/1.20.1
ETag: "633dd355-2b5"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 693
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK galleria.classic.tl.css
app.truelook.com/scripts/libs/galleria/themes/classic/ Frame 0DD2 5 KB
2 KB 210ms
102ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/galleria/themes/classic/galleria.classic.tl.css

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

dfb89b54a9a1373378d60a23224374db19cd3d83e263d4fbe09d18a36adb6138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 08 Jul 2014 17:09:16 GMT
Server: nginx/1.20.1
ETag: W/"53bc25bc-13ad"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK skin.min.css
app.truelook.com/scripts/libs/flowplayer7.2.7/skin/ Frame 0DD2 33 KB
7 KB 214ms
106ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/skin.min.css?v=1536091168

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

13c0737ca38bba22fb6d550b2bf09380db1c3343ee3a2bdf8e04bbeac6466947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:23 GMT
Server: nginx/1.20.1
ETag: W/"633dd357-840f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK 1.min.css
app.truelook.com/css/ Frame 0DD2 235 KB
52 KB 212ms
104ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/1.min.css?v=1664996173

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

8b4d0b6ffddb6b2cd149755a2a0ce1f9a9c0cea4131c112809f82719e8e280d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:26 GMT
Server: nginx/1.20.1
ETag: W/"633dd35a-3abe3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0DD2 49 KB
20 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 07:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 935
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 09:24:49 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/cd229c65-36bd-4d9a-525d-9689fb308903/ Frame 0DD2 418 KB
138 KB 194ms
129ms Script
application/javascript 2600:9000:2182:7200:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/cd229c65-36bd-4d9a-525d-9689fb308903/pendo.js
Requested by: Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: eaa0cd359136fdf2996c582321efa7ccd68f03bf5c2773757283359885325a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-guploader-uploadid: ADPycdsBblMPYpuuCtwEohtFatqbGCEnfkr9na_mjJvGy67YC1AkNY9YM8slDQMUqiF_1AIPvgehwKvqqwRlyMx1G33B5A
x-cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 140084
last-modified: Thu, 10 Nov 2022 19:14:57 GMT
server: UploadServer
etag: "3c6293414534a1df34e73f80cbd554d9"
vary: Accept-Encoding
x-goog-generation: 1668107697210328
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=iBNQ7Q==, md5=PGKTQUU0od805z+Ay9VU2Q==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 140084
accept-ranges: bytes
x-amz-cf-id: kLWj-HNEhhWLQ7lCmNnLmapSQrlN69xoLMc35lkd9yjajtTS8X8avA==
expires: Wed, 16 Nov 2022 07:47:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 0DD2 3 KB
2 KB 36ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ccdbc53d2bb413072611f5e9a7e8b796c2bf00f3c3aecee7fc90e0f5e165c5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 07:40:23 GMT
content-md5: YDE5PL+BYL0dI8BmosevZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: WmRjn37+EmZcwgFXPsP9B4GC5+W4G5OOWg/KAN8Nd8m0v7NKzX3ZkFHdyC8rxSpyh85lYf7YaWIIQTIt+EyKOw==
x-fb-trip-id: 686109401
x-fb-content-md5: d16186116fe6a85e46ba442295afd36a
cross-origin-opener-policy: same-origin-allow-popups
etag: "efa237d1068ec3fda4d01233ec005c1b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Nov 2022 07:54:13 GMT

GET
H/1.1 200
OK truelook-logo.png
app.truelook.com/img/ Frame 0DD2 3 KB
4 KB 307ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/truelook-logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

04e47818bd6bcf44fb0dc1b7894382435b6dbb04929b3087e035287913828542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:42 GMT
Server: nginx/1.20.1
ETag: "5aaae76a-cd4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown2.png
app.truelook.com/img/ Frame 0DD2 27 KB
28 KB 309ms
104ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown2.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

e482567116be3a36439212ba497b334a53a67469f7271fb38828218c45166b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 17:15:08 GMT
Server: nginx/1.20.1
ETag: "5373a49c-6cea"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27882
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown3.png
app.truelook.com/img/ Frame 0DD2 21 KB
21 KB 214ms
104ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown3.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

d4538f66e2db1b502e29f5cc4b0abaf71268935792a87a8a2c392e745cabfeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 18:31:45 GMT
Server: nginx/1.20.1
ETag: "5373b691-5433"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21555
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK loader_green2.gif
app.truelook.com/img/ Frame 0DD2 8 KB
9 KB 202ms
102ms Image
image/gif 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/loader_green2.gif

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

df44f1162aa0b2fab3d2f936c25d5d150c1e6d3ed8204fe4d1d955418dc7450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 13 May 2014 14:09:59 GMT
Server: nginx/1.20.1
ETag: "537227b7-20ad"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8365
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK tl_logo.png
app.truelook.com/img/ Frame 0DD2 12 KB
12 KB 212ms
104ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/tl_logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15312163626306825298033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

68e86a4c2211bebe83069b83bb425b65bbbec026b7100a8d74db36c16ac559f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:20 GMT
Server: nginx/1.20.1
ETag: "5aaae754-2ffc"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ Frame 0DD2 160 KB
53 KB 187ms
71ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

cb213930b5ce4834f6c9b2d568856920609fcd274c33dd907ec4cee1e2bc27d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=21
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53763
x-xss-protection: 0
expires: Wed, 16 Nov 2022 08:10:24 GMT

GET
H/1.1 200
OK 1.min.js Show response
app.truelook.com/scripts/ Frame 0DD2 1 MB
359 KB 318ms
110ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/1.min.js?v=1664996174

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

707e726bceeabc010c0e8d315a8679842da153fd191af37af824de7597fa59a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:30 GMT
Server: nginx/1.20.1
ETag: W/"633dd35e-13e166"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK flowplayer.min.js Show response
app.truelook.com/scripts/libs/flowplayer7.2.7/ Frame 0DD2 170 KB
61 KB 223ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/flowplayer.min.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

c364517a6f25faad1182a3543f031195472e509dd5e9312fae71482a9dd5199d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 07 Sep 2018 12:26:05 GMT
Server: nginx/1.20.1
ETag: W/"5b926e5d-2a864"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
app.truelook.com/scripts/libs/flowplayer7.2.7/ Frame 0DD2 169 KB
59 KB 246ms
126ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/hls.light.min.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

0e6d67a8f0c48a609124f6af57159c710935101bb5e174b4c997be8e739ffcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 03 May 2021 18:32:11 GMT
Server: nginx/1.20.1
ETag: W/"609041ab-2a430"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK flowplayer.speed-menu.js Show response
app.truelook.com/scripts/libs/flowplayer7.2.7/ Frame 0DD2 3 KB
1 KB 236ms
103ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/flowplayer.speed-menu.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

330b1b81851c69c845ef93e642ccf61381aa59ab63faf47e17691308049a97b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 17:03:50 GMT
Server: nginx/1.20.1
ETag: W/"5bb647f6-b71"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK galleria-1.3.6.tl.min.js Show response
app.truelook.com/scripts/libs/galleria/ Frame 0DD2 89 KB
30 KB 324ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/galleria/galleria-1.3.6.tl.min.js?v=1551277526

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

daf0c194001ca2469811e3e29b0d518dda8be762443240870acd7fd5b154af63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 17:18:56 GMT
Server: nginx/1.20.1
ETag: W/"5bb64b80-1642f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H/1.1 200
OK galleria.classic.tl.min.js Show response
app.truelook.com/scripts/libs/galleria/themes/classic/ Frame 0DD2 2 KB
1 KB 253ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/galleria/themes/classic/galleria.classic.tl.min.js?v=1404839356

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

66671fd0fcfdc59579ccfb1e81199220280e29c506d41fd422652327bca43c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2017 21:30:51 GMT
Server: nginx/1.20.1
ETag: W/"5a1dd58b-660"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H/1.1 200
OK tl-icons-v4.min.css
app.truelook.com/css/icons/ Frame C65F 30 KB
8 KB 250ms
102ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons/tl-icons-v4.min.css?v=1476280033

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

72446eb2da18d5952b834c8482206a0c60e3889cf68ab6e29028db0d95cf9aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:19 GMT
Server: nginx/1.20.1
ETag: W/"633dd353-77f2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK custom.min.css
app.truelook.com/css/icons.new/css/ Frame C65F 693 B
1 KB 251ms
102ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons.new/css/custom.min.css?v=1525117328

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

a814cae51a97f9d6998c095abdb377137e69dd27cf70b8a54351ba624223049d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 05 Oct 2022 18:56:21 GMT
Server: nginx/1.20.1
ETag: "633dd355-2b5"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 693
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK galleria.classic.tl.css
app.truelook.com/scripts/libs/galleria/themes/classic/ Frame C65F 5 KB
2 KB 251ms
102ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/galleria/themes/classic/galleria.classic.tl.css

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

dfb89b54a9a1373378d60a23224374db19cd3d83e263d4fbe09d18a36adb6138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 08 Jul 2014 17:09:16 GMT
Server: nginx/1.20.1
ETag: W/"53bc25bc-13ad"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK skin.min.css
app.truelook.com/scripts/libs/flowplayer7.2.7/skin/ Frame C65F 33 KB
7 KB 256ms
102ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/skin.min.css?v=1536091168

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

13c0737ca38bba22fb6d550b2bf09380db1c3343ee3a2bdf8e04bbeac6466947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:23 GMT
Server: nginx/1.20.1
ETag: W/"633dd357-840f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK 1.min.css
app.truelook.com/css/ Frame C65F 235 KB
52 KB 261ms
104ms Stylesheet
text/css 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/1.min.css?v=1664996173

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

8b4d0b6ffddb6b2cd149755a2a0ce1f9a9c0cea4131c112809f82719e8e280d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:26 GMT
Server: nginx/1.20.1
ETag: W/"633dd35a-3abe3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C65F 49 KB
20 KB 80ms
51ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 07:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 935
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 09:24:49 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/cd229c65-36bd-4d9a-525d-9689fb308903/ Frame C65F 418 KB
138 KB 147ms
139ms Script
application/javascript 2600:9000:2182:7200:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/cd229c65-36bd-4d9a-525d-9689fb308903/pendo.js
Requested by: Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: eaa0cd359136fdf2996c582321efa7ccd68f03bf5c2773757283359885325a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-guploader-uploadid: ADPycdsBblMPYpuuCtwEohtFatqbGCEnfkr9na_mjJvGy67YC1AkNY9YM8slDQMUqiF_1AIPvgehwKvqqwRlyMx1G33B5A
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 140084
last-modified: Thu, 10 Nov 2022 19:14:57 GMT
server: UploadServer
etag: "3c6293414534a1df34e73f80cbd554d9"
vary: Accept-Encoding
x-goog-generation: 1668107697210328
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=iBNQ7Q==, md5=PGKTQUU0od805z+Ay9VU2Q==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 140084
accept-ranges: bytes
x-amz-cf-id: fGhNte1d6IZYkBFfo2atthdVAvMyakydEjckHo9jgGci7tAnr8K7mQ==
expires: Wed, 16 Nov 2022 07:47:54 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C65F 3 KB
2 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ccdbc53d2bb413072611f5e9a7e8b796c2bf00f3c3aecee7fc90e0f5e165c5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 07:40:24 GMT
content-md5: YDE5PL+BYL0dI8BmosevZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: WmRjn37+EmZcwgFXPsP9B4GC5+W4G5OOWg/KAN8Nd8m0v7NKzX3ZkFHdyC8rxSpyh85lYf7YaWIIQTIt+EyKOw==
x-fb-content-md5: d16186116fe6a85e46ba442295afd36a
cross-origin-opener-policy: same-origin-allow-popups
etag: "efa237d1068ec3fda4d01233ec005c1b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Nov 2022 07:54:13 GMT

GET
H/1.1 200
OK tl-icons.ttf
app.truelook.com/css/icons/fonts/ Frame 0DD2 182 KB
183 KB 370ms
205ms Font
application/octet-stream 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons/fonts/tl-icons.ttf?tvvg5b

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/css/icons/tl-icons-v4.min.css?v=1476280033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

43516087a98c069e2197f5253bcf4efd05729f2e05305d7ec4fc064da25f9356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/css/icons/tl-icons-v4.min.css?v=1476280033
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Feb 2018 13:42:12 GMT
Server: nginx/1.20.1
ETag: "5a731934-2d9cc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186828

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 0DD2 300 KB
85 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0699abf6d0a24896321d9172761f9b74

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

808f0ba0e68c0af22595865262b3a25e4728217e6eb9770855ef154b9a4508ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.truelook.com/
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 07:40:24 GMT
content-md5: 7674pw5/EbdO8eykck11qA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86898
x-fb-rlafr: 0
x-fb-debug: ZQWk0BY1mfO2OKTqXvLZTge17e+1FoCcrdgcJvUl6ygw2w4oHHC4fnMEW14COku3miijxKQQjcP4C+4Wy3PDMQ==
x-fb-content-md5: be8cc1da0100253aa3e1f4ec57765fb3
cross-origin-opener-policy: same-origin-allow-popups
etag: "0f79de87841af4adda68df79b81c7334"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Nov 2023 06:31:39 GMT

GET
H/1.1 200
OK truelook-logo.png
app.truelook.com/img/ Frame C65F 3 KB
4 KB 308ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/truelook-logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

04e47818bd6bcf44fb0dc1b7894382435b6dbb04929b3087e035287913828542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:42 GMT
Server: nginx/1.20.1
ETag: "5aaae76a-cd4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown2.png
app.truelook.com/img/ Frame C65F 27 KB
28 KB 311ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown2.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

e482567116be3a36439212ba497b334a53a67469f7271fb38828218c45166b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 17:15:08 GMT
Server: nginx/1.20.1
ETag: "5373a49c-6cea"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27882
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK cameradown3.png
app.truelook.com/img/ Frame C65F 21 KB
21 KB 299ms
105ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/cameradown3.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

d4538f66e2db1b502e29f5cc4b0abaf71268935792a87a8a2c392e745cabfeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 14 May 2014 18:31:45 GMT
Server: nginx/1.20.1
ETag: "5373b691-5433"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21555
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK loader_green2.gif
app.truelook.com/img/ Frame C65F 8 KB
9 KB 209ms
105ms Image
image/gif 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/loader_green2.gif

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

df44f1162aa0b2fab3d2f936c25d5d150c1e6d3ed8204fe4d1d955418dc7450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 13 May 2014 14:09:59 GMT
Server: nginx/1.20.1
ETag: "537227b7-20ad"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8365
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK tl_logo.png
app.truelook.com/img/ Frame C65F 12 KB
12 KB 237ms
123ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/tl_logo.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/?m=15710441798397236393602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

68e86a4c2211bebe83069b83bb425b65bbbec026b7100a8d74db36c16ac559f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 15 Mar 2018 21:36:20 GMT
Server: nginx/1.20.1
ETag: "5aaae754-2ffc"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12284
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H3 200 js Show response
maps.google.com/maps/api/ Frame C65F 160 KB
53 KB 154ms
72ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

cb213930b5ce4834f6c9b2d568856920609fcd274c33dd907ec4cee1e2bc27d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53763
x-xss-protection: 0
expires: Wed, 16 Nov 2022 08:10:24 GMT

GET
H/1.1 200
OK 1.min.js Show response
app.truelook.com/scripts/ Frame C65F 1 MB
359 KB 302ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/1.min.js?v=1664996174

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

707e726bceeabc010c0e8d315a8679842da153fd191af37af824de7597fa59a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:30 GMT
Server: nginx/1.20.1
ETag: W/"633dd35e-13e166"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK flowplayer.min.js Show response
app.truelook.com/scripts/libs/flowplayer7.2.7/ Frame C65F 170 KB
61 KB 316ms
119ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/flowplayer.min.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

c364517a6f25faad1182a3543f031195472e509dd5e9312fae71482a9dd5199d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 07 Sep 2018 12:26:05 GMT
Server: nginx/1.20.1
ETag: W/"5b926e5d-2a864"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
app.truelook.com/scripts/libs/flowplayer7.2.7/ Frame C65F 169 KB
59 KB 238ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/hls.light.min.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

0e6d67a8f0c48a609124f6af57159c710935101bb5e174b4c997be8e739ffcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 03 May 2021 18:32:11 GMT
Server: nginx/1.20.1
ETag: W/"609041ab-2a430"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK flowplayer.speed-menu.js Show response
app.truelook.com/scripts/libs/flowplayer7.2.7/ Frame C65F 3 KB
1 KB 308ms
102ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/flowplayer.speed-menu.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

330b1b81851c69c845ef93e642ccf61381aa59ab63faf47e17691308049a97b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 17:03:50 GMT
Server: nginx/1.20.1
ETag: W/"5bb647f6-b71"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H/1.1 200
OK galleria-1.3.6.tl.min.js Show response
app.truelook.com/scripts/libs/galleria/ Frame C65F 89 KB
30 KB 255ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/galleria/galleria-1.3.6.tl.min.js?v=1551277526

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

daf0c194001ca2469811e3e29b0d518dda8be762443240870acd7fd5b154af63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 17:18:56 GMT
Server: nginx/1.20.1
ETag: W/"5bb64b80-1642f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H/1.1 200
OK galleria.classic.tl.min.js Show response
app.truelook.com/scripts/libs/galleria/themes/classic/ Frame C65F 2 KB
1 KB 275ms
103ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/galleria/themes/classic/galleria.classic.tl.min.js?v=1404839356

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

66671fd0fcfdc59579ccfb1e81199220280e29c506d41fd422652327bca43c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2017 21:30:51 GMT
Server: nginx/1.20.1
ETag: W/"5a1dd58b-660"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H3 200 egfont.woff
0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/font/fontello/fonts/ 34 KB
34 KB 144ms
143ms Font
font/woff 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/font/fontello/fonts/egfont.woff?85610117

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.15&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd942a9920cec10562433ca0693c01bef408f9bf97937fe8604e918be29be24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.15&time=1668138133
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34372
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 16:14:44 GMT
x-php-version: 8.1
server: cloudflare
etag: "8644-5d93e94608388"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae940b4bce901f-FRA
expires: Sat, 17 Dec 2022 07:40:24 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://betinvestments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 18:54:08 GMT
x-content-type-options: nosniff
age: 132376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 18:54:08 GMT

GET
H/1.1 200
OK tl-icons.ttf
app.truelook.com/css/icons/fonts/ Frame C65F 182 KB
183 KB 183ms
102ms Font
application/octet-stream 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons/fonts/tl-icons.ttf?tvvg5b

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/css/icons/tl-icons-v4.min.css?v=1476280033

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

43516087a98c069e2197f5253bcf4efd05729f2e05305d7ec4fc064da25f9356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/css/icons/tl-icons-v4.min.css?v=1476280033
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 01 Feb 2018 13:42:12 GMT
Server: nginx/1.20.1
ETag: "5a731934-2d9cc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186828

GET
H/1.1 200
OK icomoon.ttf
app.truelook.com/css/icons.new/fonts/ Frame C65F 6 KB
6 KB 188ms
102ms Font
application/octet-stream 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/css/icons.new/fonts/icomoon.ttf?165j08

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/css/icons.new/css/custom.min.css?v=1525117328

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

ae4afd37ee71319b1ecd0a32db33daf7ad96d73d40578d14c9f05283f47a9919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/css/icons.new/css/custom.min.css?v=1525117328
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 30 Apr 2018 19:40:40 GMT
Server: nginx/1.20.1
ETag: "5ae77138-1694"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5780

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame C65F 300 KB
85 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0699abf6d0a24896321d9172761f9b74

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

808f0ba0e68c0af22595865262b3a25e4728217e6eb9770855ef154b9a4508ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.truelook.com/
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 07:40:24 GMT
content-md5: 7674pw5/EbdO8eykck11qA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86898
x-fb-rlafr: 0
x-fb-debug: ZQWk0BY1mfO2OKTqXvLZTge17e+1FoCcrdgcJvUl6ygw2w4oHHC4fnMEW14COku3miijxKQQjcP4C+4Wy3PDMQ==
x-fb-content-md5: be8cc1da0100253aa3e1f4ec57765fb3
cross-origin-opener-policy: same-origin-allow-popups
etag: "0f79de87841af4adda68df79b81c7334"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Nov 2023 06:31:39 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 0DD2 3 B
450 B 152ms
54ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.truelook.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame C65F 3 B
90 B 121ms
64ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.truelook.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 forwebsite.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 56 KB
56 KB 139ms
138ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/forwebsite.jpg?time=1668138133

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/esg.min.js?ver=3.0.15&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c94e9a81afb4b7bcec059e5eb655c9ed20df9268bfd7dc1bed0759312491b1a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=98008
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57138
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 17:26:33 GMT
server: cloudflare
x-php-version: 8.1
etag: "17ed8-5b35f65b24440"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae940e4bb69a2d-FRA
expires: Sat, 17 Dec 2022 07:40:24 GMT

GET
H3 200 West-End-Flats-Website.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 155 KB
155 KB 132ms
132ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/West-End-Flats-Website.jpg?time=1668138133

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/esg.min.js?ver=3.0.15&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41809d3b96abeaf47727a7e987439fe573bf3478e0e81c43534dbc72a7b3d08c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=334617
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 158695
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 17:30:34 GMT
server: cloudflare
x-php-version: 8.1
etag: "51b19-5b35f740fa280"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae940e4bb89a2d-FRA
expires: Sat, 17 Dec 2022 07:40:24 GMT

GET
H3 200 Wynmere-Chase-scaled.jpg
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/ 149 KB
149 KB 124ms
124ms Image
image/jpeg 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2020/11/Wynmere-Chase-scaled.jpg?time=1668138133

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-content/plugins/essential-grid/public/assets/js/esg.min.js?ver=3.0.15&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1eb8453e59e93e56b933290078eb46b0ed39fe426413da9cdaeab58244bd2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=194889
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 152414
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Nov 2020 17:32:04 GMT
server: cloudflare
x-php-version: 8.1
etag: "2f949-5b35f796ced00"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae940eac5e9a2d-FRA
expires: Sat, 17 Dec 2022 07:40:24 GMT

GET
H/1.1 200
OK 2.min.js Show response
app.truelook.com/scripts/ Frame 0DD2 519 KB
148 KB 104ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/2.min.js?v=1664996175

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

dc733ea41eb331c61d9f3c5f1897491e2bedbceeb052193278a5e9d3a46329ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15312163626306825298033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:41 GMT
Server: nginx/1.20.1
ETag: W/"633dd369-81ddc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H/1.1 200
OK 2.min.js Show response
app.truelook.com/scripts/ Frame C65F 519 KB
148 KB 104ms
104ms Script
application/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/2.min.js?v=1664996175

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/head.load.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

dc733ea41eb331c61d9f3c5f1897491e2bedbceeb052193278a5e9d3a46329ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/?m=15710441798397236393602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:56:41 GMT
Server: nginx/1.20.1
ETag: W/"633dd369-81ddc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 16 Dec 2022 07:40:25 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
292 B 631ms
102ms XHR
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1668584423435&dh=betinvestments.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&vci=741392505&cv=2.0.0&z=1162059955&vg=e9bcb7e1-d276-5796-9c8d-9675412a867c&vtg=e9bcb7e1-d276-5796-9c8d-9675412a867c&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225fa97bb7-ca30-6e48-7339-24534a462530.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data09%22%2C%22xid%22%3A%223349686%22%2C%22wp%22%3A%226.0.3%22%2C%22php%22%3A%228.1.9%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22divi%22%2C%22theme%22%3A%22divi%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22675%22%2C%22wp_alloptions_bytes%22%3A%22956109%22%7D&hit_id=2e98814e-d318-500f-80b3-1ef81f5fd182&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Wed, 16 Nov 2022 07:40:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://betinvestments.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
292 B 608ms
101ms XHR
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1668584425623&dh=betinvestments.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&vci=741392505&cv=2.0.0&z=2068599051&vg=e9bcb7e1-d276-5796-9c8d-9675412a867c&vtg=e9bcb7e1-d276-5796-9c8d-9675412a867c&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225fa97bb7-ca30-6e48-7339-24534a462530.secureserver.net%22%2C%22pod%22%3A%22A2NLWPPOD07%22%2C%22storage%22%3A%22a2cephmah002pod07_data09%22%2C%22xid%22%3A%223349686%22%2C%22wp%22%3A%226.0.3%22%2C%22php%22%3A%228.1.9%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22divi%22%2C%22theme%22%3A%22divi%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22675%22%2C%22wp_alloptions_bytes%22%3A%22956109%22%7D&hit_id=a645ab02-eaef-59da-a6c1-afd3440634b4&ht=perf&tce=1668584422692&tcs=1668584422492&tdc=1668584425593&tdclee=1668584423497&tdcles=1668584423490&tdi=1668584423490&tdl=1668584422796&tdle=1668584422492&tdls=1668584422492&tfs=1668584422490&tns=1668584422236&trqs=1668584422692&tre=1668584422984&trps=1668584422793&tles=1668584425593&tlee=0&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Wed, 16 Nov 2022 07:40:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://betinvestments.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H3 200 banner.png
0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2018/08/ 247 KB
248 KB 132ms
131ms Image
image/png 162.159.136.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0d03cd.a2cdn1.secureserver.net/wp-content/uploads/2018/08/banner.png

Requested by

Host: 0d03cd.a2cdn1.secureserver.net
URL: https://0d03cd.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0&time=1668138133

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.136.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535cf59a8deb16003331a1d7ae737e3898b198bfaa713539123a15bc6994871b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://betinvestments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:25 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
cf-cache-status: HIT
cf-polished: origSize=276190
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 253007
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Aug 2018 19:37:06 GMT
server: cloudflare
x-php-version: 8.1
etag: "436de-57392916fdc80"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 76ae94142f669a2d-FRA
expires: Sat, 17 Dec 2022 07:40:25 GMT

GET
H/1.1 200
OK get_dns_id.php Show response
app.truelook.com/api/customer/ Frame 0DD2 495 B
889 B 163ms
162ms XHR
text/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/api/customer/get_dns_id.php?callback=jQuery21401495495509892344_1668584425029&json=%7B%22m_id%22%3A%2215312163626306825298033%22%7D&_=1668584425030

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/1.min.js?v=1664996174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 / PHP/5.4.16

Resource Hash

f473b19557a4363f35d9165b1892bba24d7d4d52f2b0b9d26c48c3ca8a1ffc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://app.truelook.com/?m=15312163626306825298033
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: nginx/1.20.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK get_dns_id.php Show response
app.truelook.com/api/customer/ Frame C65F 486 B
886 B 154ms
153ms XHR
text/javascript 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/api/customer/get_dns_id.php?callback=jQuery21408736855929007374_1668584425176&json=%7B%22m_id%22%3A%2215710441798397236393602%22%7D&_=1668584425177

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/1.min.js?v=1664996174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 / PHP/5.4.16

Resource Hash

50b136eecd5310ee2a1b13336cd2708e413bf5023a967eeb2dce159cae4c7ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://app.truelook.com/?m=15710441798397236393602
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Nov 2022 07:40:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: nginx/1.20.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK quick_login.jsp Show response
live000-e1.truelook.com/v2/ Frame 0DD2 91 B
395 B 437ms
99ms Script
text/javascript 52.44.125.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live000-e1.truelook.com/v2/quick_login.jsp?callback=jQuery21401495495509892344_1668584425029&action=customerinfo&customer=betinvestments&app=promenade2&_=1668584425031

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/1.min.js?v=1664996174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.44.125.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-125-221.compute-1.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

cedfd5efcd72c9a1ee0e5bec87aa93cebba393d1fa04143d60b151ba07a0a959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 91
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK low_contrast_linen.png
app.truelook.com/img/ Frame 0DD2 22 KB
23 KB 102ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/low_contrast_linen.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/css/1.min.css?v=1664996173

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/css/1.min.css?v=1664996173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 05 Jul 2012 18:07:31 GMT
Server: nginx/1.20.1
ETag: "4ff5d7e3-58dd"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22749
Expires: Fri, 16 Dec 2022 07:40:26 GMT

GET
H/1.1 200
OK flowplayer.woff2
app.truelook.com/scripts/libs/flowplayer7.2.7/skin/icons/ Frame 0DD2 8 KB
8 KB 102ms
102ms Font
font/woff2 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/icons/flowplayer.woff2

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/skin.min.css?v=1536091168

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

676b7fcb662822833ca633f1e26c68236067f30530dea79dab00be4cd8f9ef9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/skin.min.css?v=1536091168
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 20 Aug 2018 16:38:54 GMT
Server: nginx/1.20.1
ETag: "5b7aee9e-1ee4"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7908

GET
H/1.1 200
OK quick_login.jsp Show response
live000-e1.truelook.com/v2/ Frame C65F 91 B
395 B 400ms
99ms Script
text/javascript 52.44.125.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live000-e1.truelook.com/v2/quick_login.jsp?callback=jQuery21408736855929007374_1668584425176&action=customerinfo&customer=betinvestments&app=witmer&_=1668584425178

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/1.min.js?v=1664996174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.44.125.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-125-221.compute-1.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

87f8694835e6961dd58d7a8bbe0a81ba5f8c46d687c5ba8ca9ae75312dfe6550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 91
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK low_contrast_linen.png
app.truelook.com/img/ Frame C65F 22 KB
23 KB 102ms
102ms Image
image/png 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.truelook.com/img/low_contrast_linen.png

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/css/1.min.css?v=1664996173

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/css/1.min.css?v=1664996173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 05 Jul 2012 18:07:31 GMT
Server: nginx/1.20.1
ETag: "4ff5d7e3-58dd"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22749
Expires: Fri, 16 Dec 2022 07:40:26 GMT

GET
H/1.1 200
OK flowplayer.woff2
app.truelook.com/scripts/libs/flowplayer7.2.7/skin/icons/ Frame C65F 8 KB
8 KB 102ms
102ms Font
font/woff2 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/icons/flowplayer.woff2

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/skin.min.css?v=1536091168

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 /

Resource Hash

676b7fcb662822833ca633f1e26c68236067f30530dea79dab00be4cd8f9ef9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/scripts/libs/flowplayer7.2.7/skin/skin.min.css?v=1536091168
Origin: https://app.truelook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 20 Aug 2018 16:38:54 GMT
Server: nginx/1.20.1
ETag: "5b7aee9e-1ee4"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7908

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0DD2 4 KB
3 KB 145ms
48ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/flowplayer7.2.7/flowplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 07:40:26 GMT

GET
H/1.1 206
Partial Content daily.mp4
s3.amazonaws.com/media.truelook.com/betinvestments/promenade2/sspt/1531216362630682/movie/ Frame 0DD2 394 KB
0 422ms
217ms Media
video/mp4 54.231.202.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/media.truelook.com/betinvestments/promenade2/sspt/1531216362630682/movie/daily.mp4?1599087609921
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.202.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://app.truelook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 16 Nov 2022 07:40:27 GMT
x-amz-request-id: MCEKB7G97WEK3DED
Content-Range: bytes 0-217249308/217249309
x-amz-meta-preset: daily
x-amz-meta-params: a:3:{s:4:"cust";s:14:"betinvestments";s:3:"app";s:10:"promenade2";s:6:"preset";s:5:"daily";}
x-amz-meta-size: 207.19 MB
Content-Length: 217249309
x-amz-id-2: J10xXiLxD3rHbgVANUCnIBUPL3fvUHzrq4dfDakrxHVA14KcDdJK4Yy0zM/FcVbzCI97k2FMkLg=
x-amz-meta-res: 1920x1080
x-amz-meta-created: 2022-07-16 01:14:43
x-amz-meta-last: 1657929609753
x-amz-meta-ffmpeg: cd /mnt/batch-mp4//betinvestments/promenade2/1531216362630682/62d2402fcb5ed/ && ffmpeg -loglevel error -stats -y -framerate 29.97 -pattern_type glob -i '0*.morph.jpg' -pix_fmt yuv420p -s 1920x1080 -vcodec libx264 -crf 18 -preset slow -maxrate 10M -bufsize 20M -vf scale=1920:1080 -bf 2 -flags +cgop -an -movflags faststart /mnt/batch-mp4//betinvestments/promenade2/1531216362630682/62d2402fcb5ed//daily.mp4
Last-Modified: Sat, 16 Jul 2022 05:14:45 GMT
x-amz-meta-duration: 00:02:53
Server: AmazonS3
ETag: "9f3309c2f04f32e2c7e2ecdbdda04faa"
Content-Type: video/mp4
Accept-Ranges: bytes
x-amz-meta-fps: 29.97

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C65F 4 KB
2 KB 160ms
67ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/libs/flowplayer7.2.7/flowplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 07:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 07:40:26 GMT

GET
H/1.1 206
Partial Content daily.mp4
s3.amazonaws.com/media.truelook.com/betinvestments/witmer/sspt/1571044179839723/movie/ Frame C65F 431 KB
0 448ms
244ms Media
video/mp4 54.231.202.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/media.truelook.com/betinvestments/witmer/sspt/1571044179839723/movie/daily.mp4?1612821623830
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.202.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://app.truelook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 16 Nov 2022 07:40:27 GMT
x-amz-request-id: MCEKFXC41J09DQ5G
Content-Range: bytes 0-147133514/147133515
x-amz-meta-preset: daily
x-amz-meta-params: a:3:{s:4:"cust";s:14:"betinvestments";s:3:"app";s:6:"witmer";s:6:"preset";s:5:"daily";}
x-amz-meta-size: 140.32 MB
Content-Length: 147133515
x-amz-id-2: 2+VskjoM9YHakc7gu8hkqomZ8uQNpuOsLyLNK/ixB5FJDMYDSgEinmc9CuWAmnpciRDGoAFUn8s=
x-amz-meta-res: 1920x1080
x-amz-meta-created: 2022-07-16 01:13:57
x-amz-meta-last: 1657929618954
x-amz-meta-ffmpeg: cd /mnt/batch-mp4//betinvestments/witmer/1571044179839723/62d242ca2970e/ && ffmpeg -loglevel error -stats -y -framerate 29.97 -pattern_type glob -i '0*.morph.jpg' -pix_fmt yuv420p -s 1920x1080 -vcodec libx264 -crf 18 -preset slow -maxrate 10M -bufsize 20M -vf scale=1920:1080 -bf 2 -flags +cgop -an -movflags faststart /mnt/batch-mp4//betinvestments/witmer/1571044179839723/62d242ca2970e//daily.mp4
Last-Modified: Sat, 16 Jul 2022 05:13:59 GMT
x-amz-meta-duration: 00:01:57
Server: AmazonS3
ETag: "b9f72f936a4aadf0c67529aba410f10c"
Content-Type: video/mp4
Accept-Ranges: bytes
x-amz-meta-fps: 29.97

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 0DD2 52 KB
15 KB 122ms
42ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 16 Nov 2022 12:56:25 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame C65F 52 KB
15 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 16 Nov 2022 12:56:25 GMT

POST
H/1.1 200
OK error_logger.php Show response
app.truelook.com/ Frame C65F 0
323 B 102ms
102ms XHR
text/html 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/error_logger.php

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/1.min.js?v=1664996174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 / PHP/5.4.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/?m=15710441798397236393602
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: nginx/1.20.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

POST
H/1.1 200
OK error_logger.php Show response
app.truelook.com/ Frame 0DD2 0
323 B 102ms
102ms XHR
text/html 34.194.104.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.truelook.com/error_logger.php

Requested by

Host: app.truelook.com
URL: https://app.truelook.com/scripts/1.min.js?v=1664996174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.194.104.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

app01-e1.truelook.com

Software

nginx/1.20.1 / PHP/5.4.16

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://app.truelook.com/?m=15312163626306825298033
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 16 Nov 2022 07:40:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: nginx/1.20.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H3 200 common.js Show response
maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/ Frame 0DD2 248 KB
68 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21023ff71bebe1c74caf550ad437a398d3a20703da9790367279e6710ce7080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69635
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 20:14:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 22:00:43 GMT

GET
H3 200 util.js Show response
maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/ Frame 0DD2 166 KB
61 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96258c388a0948200e4bf656485487c1194fe6cc1ef78c5c47d6d698835f4c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 12:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62451
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 20:14:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 12:00:36 GMT

GET
H3 200 common.js Show response
maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/ Frame C65F 248 KB
68 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21023ff71bebe1c74caf550ad437a398d3a20703da9790367279e6710ce7080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69635
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 20:14:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 22:00:43 GMT

GET
H3 200 util.js Show response
maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/ Frame C65F 166 KB
61 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/12a/intl/de_ALL/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyDi3qpFlfx1wDTldxMhGomdMptihMU0O50&region=USA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96258c388a0948200e4bf656485487c1194fe6cc1ef78c5c47d6d698835f4c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.truelook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 12:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62451
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 20:14:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 12:00:36 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.betinvestments.com/	1970-01-20 16:15:20	Name: _tccl_visitor Value: e9bcb7e1-d276-5796-9c8d-9675412a867c
			.betinvestments.com/	1970-01-20 07:29:46	Name: _tccl_visit Value: e9bcb7e1-d276-5796-9c8d-9675412a867c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d03cd.a2cdn1.secureserver.net
ajax.googleapis.com
app.truelook.com
betinvestments.com
cdn.pendo.io
connect.facebook.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
img6.wsimg.com
live000-e1.truelook.com
maps.google.com
maps.googleapis.com
s3.amazonaws.com
www.betinvestments.com
www.google-analytics.com
www.gstatic.com
162.159.136.45
198.71.233.13
2.16.241.86
2600:9000:2182:7200:1f:aa31:7740:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a02:26f0:1700:11::b856:678c
2a03:2880:f01c:8012:face:b00c:0:3
34.194.104.115
52.44.125.221
54.231.202.216
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e47818bd6bcf44fb0dc1b7894382435b6dbb04929b3087e035287913828542
0a75aa5bab9865958cd01d39856dc37e96491296ef55f5d2fdce2915b1ea1c58
0c9c1f2be8878457719272a82d9b428dc315f65a6e594fe7b26843578ec08f35
0e6d67a8f0c48a609124f6af57159c710935101bb5e174b4c997be8e739ffcd8
0eb4b43145ffb8ec00c6f0e8107c1104fa8655241cdc47e113a2b38af3f8f0e9
13c0737ca38bba22fb6d550b2bf09380db1c3343ee3a2bdf8e04bbeac6466947
1565eb0cd35a887b9e8bfb6d144f795066e5e453505ab40aa11a0765f5b1b759
168642741cf6acd34501d09c8cc1c7e6be332ca9222f3223419bd1664b381839
1b3f46f64115b9fb8e8b209c6dcc0c2769a82c0d1484e96b8f844f2dd0864f59
1c99a0d7b4f3ae49b6934939b44ffddcc1cab66c761cdb5008adc157cd8016ce
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1eee9b8eccd2fe5e3cee1930cf55b49aa1d49ce00e1cca750280103e097303d5
1f342473e9676e3af37e18ec34a45321c7864047127a4dd044bcc48596276b54
21023ff71bebe1c74caf550ad437a398d3a20703da9790367279e6710ce7080c
2241b389694144e159b8bbade5246c605ad9fbbfd3b53235c84682057130ae4f
2bcec9d70616cb46c24d68f5ef09bbeea2ed762d6c08c6726cb260e1f0f1671d
2d785d7ba52514bbd468fc2443c947864dc5794b47febe0d2bc8816973291971
2db58003639201f702240221b128a1a23b2b4c211eefcf723520167eb065c95b
2dd942a9920cec10562433ca0693c01bef408f9bf97937fe8604e918be29be24
3208b4b1e486296a399984bc45ceb0df6013f7c9103c383c39be2db7cac9a491
330b1b81851c69c845ef93e642ccf61381aa59ab63faf47e17691308049a97b4
331c783e14d37aa6d6a015557ea33cc0d4a19f55e31fcb543eab85560f6a2e00
3367d93f2c52ebdec917a5171c72318e67668bb4f7b35bba15358521e376be1c
3d10c5a2f6e175ff4fe3c6f71aeb8b28d79d742adf48ab54da37f91a419e4d66
3d831d79a2b50c2322564423a2b7fcb9490bbe364613326dba2cece2962ac8c3
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41809d3b96abeaf47727a7e987439fe573bf3478e0e81c43534dbc72a7b3d08c
43516087a98c069e2197f5253bcf4efd05729f2e05305d7ec4fc064da25f9356
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
46bbc7b22b8c58dc664cd4b31da0906636b96c8d64b839b1671d3eff081f6c1e
47efc979e7436a1784f0ba94c9bd825ded1fbed72c848aabff3239d07c580b19
485bc5603124f8f36a7b7aa810896e3cca81981472dcf21a7e8b9de62b59f851
4a45b02646d55ff68939811dbd4d335a8fd4c3bd07125a1335fe97f20d284472
4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e
4d9bcf0b5fec29b2d9340ed6481360706e44496328b35396956afa0e307c856a
4dd933439ed8a5f9d344f111861f096a1184f41f07c5873c7e83edc04c64443e
4edf92544c1bd1432b517c7014646632bcd4731bebc32350574dd2a3f45c0c88
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
50b136eecd5310ee2a1b13336cd2708e413bf5023a967eeb2dce159cae4c7ce5
525a0b5965a40843f2c2002e1c69c89c693f249cbb25e7d523dadbeee4942f69
535cf59a8deb16003331a1d7ae737e3898b198bfaa713539123a15bc6994871b
543abcc9b648e8163b776c15632a566251717566a4d724f9939bef59399eefc4
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
58d137f8d47682d72b90450e1ab64eb114d7b357fe1794ef430dba4f38e16276
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1
66671fd0fcfdc59579ccfb1e81199220280e29c506d41fd422652327bca43c75
676b7fcb662822833ca633f1e26c68236067f30530dea79dab00be4cd8f9ef9a
68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604
68e86a4c2211bebe83069b83bb425b65bbbec026b7100a8d74db36c16ac559f4
6a7a8906929c78df8a9b0dc2a18a3443cbbc986ce0b7eee553094d8ddc427b55
6b6b0946ac6f05bafc3c65b5bfc2d6688dfb6afcb865e2f80e7aa79fb2005bb2
6c25079578a423d748502705477d129b3946b5f617ead7decc6b11d2cf7ca976
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
6ec7f9b0ceb5ee56d52350ca540ed1a295ad5523b3ca0e11f8fc777ebecf0ab8
7036b60fb78062c524c1c1af15e469e955071c72a32632a8220adda9893618b7
707e726bceeabc010c0e8d315a8679842da153fd191af37af824de7597fa59a5
723c895397c0be35b88eec38aa89318c4b9c2ddf34576c87951f83a429302048
72446eb2da18d5952b834c8482206a0c60e3889cf68ab6e29028db0d95cf9aca
7832298cce2eed64896c0a1c06982a4c806f23078b82d67931dc95c7e1fb422b
7aaadfd2a24a912fcca1403c0e627f4f3fe642aa2637e51bfed35b226e1d0589
7dda4ea66078a8c2405497746714e305843e22b0b37d0e81b778031c8398bfe0
7e6e8ddfa1d8fd89f772d883571bc90f9150374f846f6ceb02fd2973050f9fa1
808f0ba0e68c0af22595865262b3a25e4728217e6eb9770855ef154b9a4508ef
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82c6e9fccae16e121eb4fd7800a79bca62d9bcfb760ca55e26bb4b441d48cb67
83c537690f0889a6294d8cfa1a289610cd1d0f1a91ca7e7e62238dcbd0fd2c5c
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87f8694835e6961dd58d7a8bbe0a81ba5f8c46d687c5ba8ca9ae75312dfe6550
8b4d0b6ffddb6b2cd149755a2a0ce1f9a9c0cea4131c112809f82719e8e280d3
907d48a73f404f10b383962579e342fa9efd73c8d26f0cb10964559f0114ef04
921d280692bf4760e1d7f1656d20003069a68991de26a61483524a973fdd8159
96258c388a0948200e4bf656485487c1194fe6cc1ef78c5c47d6d698835f4c7f
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
99fb193fec34b8d84e892ae13185c203b64f6c3cd8d95f766103eb0f62f79e26
a0a83c52059b10ec3faa24d94628faac9c145524ce360a93f7d32133a0329959
a29c88b4d1a9f6bf7639b6f3e27dcbef0b014e9e90646315fdf11a7fd3164502
a4780c7618901aa889cd7026409d46c4e013913af20643c01b5c5fbcdd867e54
a814cae51a97f9d6998c095abdb377137e69dd27cf70b8a54351ba624223049d
ae4afd37ee71319b1ecd0a32db33daf7ad96d73d40578d14c9f05283f47a9919
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47bf3f2e265a72d087e957182628fb67b9e19ed9470f4b3a3fbec20fd8075ff
b5b1eb8453e59e93e56b933290078eb46b0ed39fe426413da9cdaeab58244bd2
b9020dcc69668efca4429d4c481046bf9bf9722d2ab808f02415be751b849900
b9c02236efdf106e232c8782ff3c2f525304421187b15f89668852096ea14efc
bca4e47c090820f5a9c92090d9e74bc021afc22075107c63ba2c05347269a1e9
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfebe0f52ced8bc7062d12767d5e3df778ab0f93e1cf05147e08aaf9e62205f9
c04bf13384e387922c79342587b99b5f9c1108cce347c4cc11c1eb6bd9be317b
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c18024505ce117cd3e23d852dd45b36f2fea05e2d1d9441fcff92fdbe9c50ac4
c19e5239c7232c82c1c1b51812b4a981c4095f857cca95d8ce0815bc727319f0
c33111ed23aad1f40ed99152ffa3a9e76e5716383805f618e489bb53e1893649
c364517a6f25faad1182a3543f031195472e509dd5e9312fae71482a9dd5199d
c3d1b5d4ab6434281db1bc504bfba743bebd8d6c65f9348c358b2b610a9e119d
c72309dec94cefb9d5a470965c967405609cbfad6925a071fb35115d13cff411
c94e9a81afb4b7bcec059e5eb655c9ed20df9268bfd7dc1bed0759312491b1a5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb213930b5ce4834f6c9b2d568856920609fcd274c33dd907ec4cee1e2bc27d3
cba33a1af5ee1a9021657401296b8e69b7e5897a46430eed31aa68e6881d37cd
ccdbc53d2bb413072611f5e9a7e8b796c2bf00f3c3aecee7fc90e0f5e165c5dd
cd5af4d9c3ded42f070565b7f2e1f32df69f86cf51334dc2b3034942dc0ae49f
cedfd5efcd72c9a1ee0e5bec87aa93cebba393d1fa04143d60b151ba07a0a959
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d211c2b23d883f971e5a04702b727ab8761f1688a0112bcadb66f79ee6ff451e
d4538f66e2db1b502e29f5cc4b0abaf71268935792a87a8a2c392e745cabfeaf
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d9c481b33103b23a3cd7010e91486dde5434c90f0e9727fa8fc77f560aac53c9
daf0c194001ca2469811e3e29b0d518dda8be762443240870acd7fd5b154af63
dc733ea41eb331c61d9f3c5f1897491e2bedbceeb052193278a5e9d3a46329ea
dd5513e8d290e2e9109b4583b7c11dc859741bd1740a11dbccdca69d719f28b4
df44f1162aa0b2fab3d2f936c25d5d150c1e6d3ed8204fe4d1d955418dc7450e
dfb89b54a9a1373378d60a23224374db19cd3d83e263d4fbe09d18a36adb6138
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3773a2e4c56d57be1244c88bf966da640bbc77fcd91ecbffdbc2f5547cbe87a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482567116be3a36439212ba497b334a53a67469f7271fb38828218c45166b92
e66878dc400a4e12b66e3028a2ba318987ef11c7064978dc9f5bcd4492ae2ded
e756c181bec847fa1c26883334b26389d935cddb22c05ce35eff0ee4c2d4c88c
eaa0cd359136fdf2996c582321efa7ccd68f03bf5c2773757283359885325a41
ed9a3e12f72df435c1e1f787456c10ea800d370ba0611c27fff02608e73dc514
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f473b19557a4363f35d9165b1892bba24d7d4d52f2b0b9d26c48c3ca8a1ffc59
fb29eb731e993785398ba70bb17926c80e0652330a99a3967612f6b50ab56811
ff09c6612b0c23cbcfdad7ab9256743cdf27f53623cc4905b502cca941628713

betinvestments.com Open in urlscan Pro 198.71.233.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

99 %HTTPS

63 %IPv6

11 Domains

18 Subdomains

17 IPs

3 Countries

17612 kBTransfer

25338 kBSize

2 Cookies

33 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

betinvestments.com Open in urlscan Pro
198.71.233.13 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

99 %
HTTPS

63 %
IPv6

11
Domains

18
Subdomains

17
IPs

3
Countries

17612 kB
Transfer

25338 kB
Size

2
Cookies

174 HTTP transactions
6 data transactions