l6b5a4qa51ba.com
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7  Public Scan

Submitted URL: http://l6b5a4qa51ba.com/0.033538629333420555
Effective URL: https://l6b5a4qa51ba.com/0.033538629333420555
Submission: On June 22 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 5 countries across 19 domains to perform 108 HTTP transactions. The main IP is 2a05:d014:d13:26bb:ad3c:1113:166d:2fd7, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is l6b5a4qa51ba.com.
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time l6b5a4qa51ba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2a05:d014:d13... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 162.55.5.93 24940 (HETZNER-AS)
20 104.26.7.146 13335 (CLOUDFLAR...)
1 18.239.18.51 16509 (AMAZON-02)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
25 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.65.39.37 16509 (AMAZON-02)
1 116.202.10.2 24940 (HETZNER-AS)
2 142.132.154.151 24940 (HETZNER-AS)
2 2001:4860:480... 15169 (GOOGLE)
10 185.26.99.196 44066 (DE-FIRSTC...)
3 2a00:1450:400... 15169 (GOOGLE)
2 76.223.74.40 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a13:1ec0::1037 201589 (EDGEAMLLC)
1 57.128.74.67 16276 (OVH)
1 108.156.60.118 16509 (AMAZON-02)
1 99.83.255.25 16509 (AMAZON-02)
1 34.111.52.132 ()
108 21
Apex Domain
Subdomains
Transfer
25 wol-prod.com
microfrontend.wol-prod.com — Cisco Umbrella Rank: 889520
1 MB
20 cdn-ba.com
front.cdn-ba.com
upload.cdn-ba.com
2 MB
16 l6b5a4qa51ba.com
l6b5a4qa51ba.com
838 KB
10 auth-andreas.com
auth-andreas.com
1 KB
7 jivo.ru
code.jivo.ru — Cisco Umbrella Rank: 82110
319 KB
5 rockmostbet.com
rstat.rockmostbet.com — Cisco Umbrella Rank: 616295
91 KB
3 jivosite.com
code-ya.jivosite.com — Cisco Umbrella Rank: 206507
node-sber1-az1-25.jivosite.com — Cisco Umbrella Rank: 919351
10 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
967 B
3 scarabresearch.com
cdn.scarabresearch.com — Cisco Umbrella Rank: 14816
static.scarabresearch.com — Cisco Umbrella Rank: 17833
66 KB
2 z80p7o8nb7l.com
ba.z80p7o8nb7l.com
52 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
2 lnabew.com
gba.lnabew.com — Cisco Umbrella Rank: 897474
315 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
166 KB
1 emarsys.net
webchannel-content.eservice.emarsys.net
422 B
1 fpjs.io
eu.api.fpjs.io — Cisco Umbrella Rank: 293431
447 B
1 fpjscdn.net
fpjscdn.net — Cisco Umbrella Rank: 105405
51 KB
1 gstatic.com
www.gstatic.com
207 KB
1 betandreas.com
sentry.betandreas.com
244 B
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 5461
12 KB
108 19
Domain Requested by
25 microfrontend.wol-prod.com front.cdn-ba.com
microfrontend.wol-prod.com
l6b5a4qa51ba.com
16 front.cdn-ba.com l6b5a4qa51ba.com
front.cdn-ba.com
16 l6b5a4qa51ba.com l6b5a4qa51ba.com
front.cdn-ba.com
10 auth-andreas.com front.cdn-ba.com
7 code.jivo.ru code-ya.jivosite.com
l6b5a4qa51ba.com
5 rstat.rockmostbet.com l6b5a4qa51ba.com
rstat.rockmostbet.com
4 upload.cdn-ba.com l6b5a4qa51ba.com
3 www.google.com front.cdn-ba.com
www.gstatic.com
2 code-ya.jivosite.com front.cdn-ba.com
2 ba.z80p7o8nb7l.com front.cdn-ba.com
2 region1.google-analytics.com front.cdn-ba.com
2 gba.lnabew.com front.cdn-ba.com
l6b5a4qa51ba.com
2 static.scarabresearch.com cdn.scarabresearch.com
2 www.googletagmanager.com l6b5a4qa51ba.com
www.googletagmanager.com
1 webchannel-content.eservice.emarsys.net front.cdn-ba.com
1 eu.api.fpjs.io front.cdn-ba.com
1 fpjscdn.net l6b5a4qa51ba.com
1 node-sber1-az1-25.jivosite.com front.cdn-ba.com
1 www.gstatic.com www.google.com
1 sentry.betandreas.com front.cdn-ba.com
1 websdk.appsflyer.com l6b5a4qa51ba.com
1 cdn.scarabresearch.com l6b5a4qa51ba.com
108 22

This site contains links to these domains.

Domain
t.me
Subject | Issuer | Validity | Valid
l6b5a4qa51ba.com | R3 | 2024-05-18 - 2024-08-16 | 3 months
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
rstat.rockmostbet.com | R3 | 2024-05-15 - 2024-08-13 | 3 months
cdn-ba.com | GTS CA 1P5 | 2024-05-30 - 2024-08-28 | 3 months
*.scarabresearch.com | Amazon RSA 2048 M03 | 2023-08-23 - 2024-09-20 | a year
*.appsflyer.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-07-27 - 2024-07-27 | a year
wol-prod.com | GTS CA 1P5 | 2024-05-22 - 2024-08-20 | 3 months
betandreas.com | R3 | 2024-05-02 - 2024-07-31 | 3 months
gba.lnabew.com | R3 | 2024-05-05 - 2024-08-03 | 3 months
authy.betandreas.com | R10 | 2024-06-12 - 2024-09-10 | 3 months
*.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
mst.tm53cd3by2.com | Amazon RSA 2048 M02 | 2024-04-16 - 2025-05-15 | a year
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2024-04-05 - 2025-05-07 | a year
*.jivo.ru | GlobalSign GCC R6 AlphaSSL CA 2023 | 2024-05-13 - 2025-06-14 | a year
fpcdn.io | Amazon RSA 2048 M03 | 2023-10-10 - 2024-11-08 | a year
eu.api.fpjs.io | Amazon RSA 2048 M03 | 2023-11-26 - 2024-12-25 | a year
webchannel-content-service.scarabresearch.com | R11 | 2024-06-16 - 2024-09-14 | 3 months

This page contains 4 frames:

Primary Page: https://l6b5a4qa51ba.com/0.033538629333420555
Frame ID: 762F4EDBFDE0408D3DEF0248B49D96D5
Requests: 103 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjedcdAAAAAP2Nye_UzLHV2UrACn-rFd6Trx_B&co=aHR0cHM6Ly9sNmI1YTRxYTUxYmEuY29tOjQ0Mw..&hl=ru&type=image&v=KXX4ARWFlYTftefkdODAYWZh&theme=light&size=invisible&badge=inline&cb=bw5guus4nmnn
Frame ID: B38A4409E8F4FBE3FFAFD4A9EC5D3EAF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=KXX4ARWFlYTftefkdODAYWZh&k=6LfjedcdAAAAAP2Nye_UzLHV2UrACn-rFd6Trx_B
Frame ID: 48B550E1EE02477E0D970510935B9AA5
Requests: 1 HTTP requests in this frame

Frame: https://code.jivo.ru/js/85fc868/omnichannelMenu.js
Frame ID: DEE98E5B136B5DD9B926BD3874F1E4C1
Requests: 1 HTTP requests in this frame

Page Title

Онлайн ставки на спорт и казино BetAndreas

Page URL History

  1. http://l6b5a4qa51ba.com/0.033538629333420555 HTTP 307
    https://l6b5a4qa51ba.com/0.033538629333420555 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

108
Requests

98 %
HTTPS

40 %
IPv6

19
Domains

22
Subdomains

21
IPs

5
Countries

5502 kB
Transfer

10457 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l6b5a4qa51ba.com/0.033538629333420555 HTTP 307
    https://l6b5a4qa51ba.com/0.033538629333420555 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.033538629333420555
l6b5a4qa51ba.com/
Redirect Chain
  • http://l6b5a4qa51ba.com/0.033538629333420555
  • https://l6b5a4qa51ba.com/0.033538629333420555
3 KB
1 KB
Document
General
Full URL
https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4014eff0f88e84f569c8e40958237fb616995052fcf80ebc5019721976466da

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 22 Jun 2024 13:10:20 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Location
https://l6b5a4qa51ba.com/0.033538629333420555
Non-Authoritative-Reason
HttpsUpgrades
gtm.js
www.googletagmanager.com/
191 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMRN37G
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
268d87b6b1478d63fa6b978d91de6a7b3e9f037c61424cd732aeabffab390160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69698
x-xss-protection
0
last-modified
Sat, 22 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Jun 2024 13:10:20 GMT
sa_code.js
rstat.rockmostbet.com/public/
7 KB
7 KB
Script
General
Full URL
https://rstat.rockmostbet.com/public/sa_code.js
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.5.93 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.5.55.162.clients.your-server.de
Software
nginx/1.26.0 /
Resource Hash
472ce390f8fb0b94baa6eefbe0a1c6e08a33272672710dca007d904b8ef97166

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
last-modified
Fri, 09 Feb 2024 12:06:05 GMT
server
nginx/1.26.0
etag
"65c6152d-1b05"
content-type
application/javascript
cache-control
no-store; must-revalidate
accept-ranges
bytes
content-length
6917
main.48be8eb9.js
front.cdn-ba.com/spa-static/0.0.315/static/js/
142 KB
49 KB
Script
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d4cb59eac22a55e800430710e57f941c20d358b77a82612b9f51bb641ceafa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8983
etag
W/"666ab089-23956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wg7jG0uocxWSwu0qehx%2Bqqb5BIqDzAzceZVUTOl4%2F0SE3rQYf%2B0zh1wWhgR6TDOiSb5yXj9tQ%2Fi8sk2NBslWrBp9nKeYejoYSNlwx9g2WLJA8LaWVIBwGb2B%2B3XYyPguw8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a57fa752c18-FRA
expires
Sat, 22 Jun 2024 14:40:37 GMT
ba_prod.js
l6b5a4qa51ba.com/an/public/
9 KB
9 KB
Script
General
Full URL
https://l6b5a4qa51ba.com/an/public/ba_prod.js
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9f180f65269b59516b250cac867040925ff8e1e18a2fe949d1005eba99bf5b00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
last-modified
Fri, 31 May 2024 18:26:26 GMT
server
nginx
etag
"665a1652-23a5"
content-type
application/javascript
cache-control
no-store; must-revalidate
accept-ranges
bytes
content-length
9125
scarab-v2.js
cdn.scarabresearch.com/js/11DAF087E87A3DFD/
95 KB
23 KB
Script
General
Full URL
https://cdn.scarabresearch.com/js/11DAF087E87A3DFD/scarab-v2.js
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-51.ams58.r.cloudfront.net
Software
/
Resource Hash
629220e7c5fc7aa9dc7fe0351303192e0467198ad42c83b419b62877dbe8290a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 12:25:38 GMT
Content-Encoding
gzip
Via
1.1 7ce9bf658969fea1ceecfa00e5239dd6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P6
Age
2688
ETag
"188afbd5e4ff636f65b6ceaca02c9937--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600,public
Connection
keep-alive
Timing-Allow-Origin
*
X-Amz-Cf-Id
U_d7l1itJHSvIX3JnUZipn62U0eBKHfrUhhgFs4I96DpfEEsG0jOFw==
/
websdk.appsflyer.com/
38 KB
12 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a440 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 13:10:20 GMT
Content-Encoding
gzip
x-amz-request-id
YNGC7PCXVN28Z00Q
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
11792
x-amz-id-2
vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified
Wed, 14 Jun 2023 06:58:45 GMT
Server
AmazonS3
ETag
"5a676288bcea03bd05e483bc4ce066ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1318
Accept-Ranges
bytes
X-DataStream-Cache-Status
1
Expires
Sat, 22 Jun 2024 13:32:18 GMT
lib.js
l6b5a4qa51ba.com/an/
86 KB
32 KB
Script
General
Full URL
https://l6b5a4qa51ba.com/an/lib.js
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/an/public/ba_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
585886f874cec74453180d96216b62201f2026fd8e1c206e06050ef9d896aa1f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
0
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
lib.js
rstat.rockmostbet.com/
231 KB
83 KB
Script
General
Full URL
https://rstat.rockmostbet.com/lib.js
Requested by
Host: rstat.rockmostbet.com
URL: https://rstat.rockmostbet.com/public/sa_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.5.93 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.5.55.162.clients.your-server.de
Software
nginx/1.26.0 /
Resource Hash
b8bef45d2c879bf41023aa66fa26d791fbb169b695f234af591a4b8cd7c4ad8f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
0
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx/1.26.0
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
5863.72aad250.chunk.js
front.cdn-ba.com/spa-static/0.0.315/static/js/
502 KB
156 KB
Script
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b344a853c6735382086a864f12f578455fa26f8b17ac941bdebe98cff3aaa9e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8982
etag
W/"666ab089-7d8b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6ie%2F1K8hvQUx9wnms55VKBkrysP1I9VQIt7boX9F6HMk5ql92YaSD7Waip6xE5F3GUZHp1IbawbP%2BYOlcqpvY39SUxbgFdo47IgHGz3v8gshxwZqNADowIZIglxzDcxrPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a582ab82c18-FRA
expires
Sat, 22 Jun 2024 14:40:38 GMT
wheelV2.js
microfrontend.wol-prod.com/
16 KB
6 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
880cc8e74455ee343a97d5115b5df60d57a31c6f9b68eff7d8b4a88c9c41211f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-4156"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zwYPbrqceJl1hfAWMz%2BPJfZyPJRC%2Bf4B5GcJ5D2QRBNcIJra%2B9HExXowf%2B3pQlVQo8JJJ2VgmwZ%2BaWCuUcRQH8VqLTgkM4FN%2FnM0kRdnRJpxYI72%2FSayyuZ9Dia452YWysFUPVW4eoi1vjGOB2G3%2B2zPIZ4CPTUCLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a585a639fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
7793.76557332.chunk.js
front.cdn-ba.com/spa-static/0.0.315/static/js/
359 KB
111 KB
Script
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/js/7793.76557332.chunk.js
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ca13e99c1437e17a0ab29448456353eb07a392b18d932420e14a0135cd52da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8982
etag
W/"666ab089-59cc7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXGk%2BnsJK9BfPpvMd6%2B8%2BL61grWaYBh4lZ78Ijk8E%2BQXHuUxByFqW0BhsEn8pIokiNMcJE0zBt2wDNnfD3cz80J12Hxx6Rj059nezImCoNN%2BVjMYMrzXmO2WTvhlV776wYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a582abc2c18-FRA
expires
Sat, 22 Jun 2024 14:40:38 GMT
wploader.js
static.scarabresearch.com/wpjs/
31 KB
11 KB
Script
General
Full URL
https://static.scarabresearch.com/wpjs/wploader.js?ts=2842
Requested by
Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/11DAF087E87A3DFD/scarab-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-37.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd823e8760f4762e83ae42ec9776261729cef7cec16254a21ee5e89f8575fe79

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0x2awj0RR6rMetjUbRjcwNrSJvMtI_6a
Content-Encoding
gzip
Via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
Date
Sat, 22 Jun 2024 05:49:04 GMT
X-Amz-Cf-Pop
AMS1-P1
Age
26477
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 May 2024 14:02:59 GMT
Server
AmazonS3
ETag
W/"551d83230352beb5a309b816116c6873"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
X-Amz-Cf-Id
SgVMb4bbUOEU2T8cqRgItePogTdtkrGw5BIm5akn3TX_M1EaA_1jrw==
t4k.json
l6b5a4qa51ba.com/an/band/
86 B
556 B
Ping
General
Full URL
https://l6b5a4qa51ba.com/an/band/t4k.json?dig=237581514
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/an/lib.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7970d81327e8ad61b005a7e9dcbc043c0ea64f46937a52cfec56f010eba7afe8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-response-time
1
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
content-length
86
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
t4k.json
l6b5a4qa51ba.com/an/band/
86 B
556 B
Ping
General
Full URL
https://l6b5a4qa51ba.com/an/band/t4k.json?dig=204935770
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/an/lib.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2f7b2cb6f3a446a463e408ec384c788f839a345b46755ebf606d048f9927ddc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-response-time
1
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
content-length
86
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
t4k.json
rstat.rockmostbet.com/band/
86 B
539 B
Ping
General
Full URL
https://rstat.rockmostbet.com/band/t4k.json?
Requested by
Host: rstat.rockmostbet.com
URL: https://rstat.rockmostbet.com/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.5.93 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.5.55.162.clients.your-server.de
Software
nginx/1.26.0 /
Resource Hash
7324fd6492def6e6d3218e4e810220ba09c5bdec31b32c52fcd6cb37fbc474f4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-response-time
9
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx/1.26.0
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
t4k.json
rstat.rockmostbet.com/band/
86 B
539 B
Ping
General
Full URL
https://rstat.rockmostbet.com/band/t4k.json?
Requested by
Host: rstat.rockmostbet.com
URL: https://rstat.rockmostbet.com/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.5.93 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.5.55.162.clients.your-server.de
Software
nginx/1.26.0 /
Resource Hash
ac9b27c53770f0270cc079c30b73f475b6c2482294127e487fb89361f37abe63
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-response-time
9
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx/1.26.0
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
js
www.googletagmanager.com/gtag/
289 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2981F4SLMP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMRN37G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1ac1d1b1ce7c45c5694e433d7e15b057098606b3af2c7ac6d4e3433392cd894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100091
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 22 Jun 2024 13:10:20 GMT
/
sentry.betandreas.com/api/26/envelope/
2 B
244 B
Fetch
General
Full URL
https://sentry.betandreas.com/api/26/envelope/?sentry_key=48ebdb7ac45943e5b98e15a10534d92c&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.51.2
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.10.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.10.202.116.clients.your-server.de
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy worker-src 'self' blob:; child-src 'self' blob:

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-security-policy
worker-src 'self' blob:; child-src 'self' blob:
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
content-length
2
sdk-Wxo6SO8GIuzQm04q
gba.lnabew.com/api/features/
69 B
315 B
Fetch
General
Full URL
https://gba.lnabew.com/api/features/sdk-Wxo6SO8GIuzQm04q
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.154.151 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.151.154.132.142.clients.your-server.de
Software
Caddy / Express
Resource Hash
25765a15420e2617bd8f7bbb7ef72f849a81ab2c933da254d0d09d73f02be1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=31536000
x-sse-support
enabled
server
Caddy
etag
W/"45-Jem7txRIre7c/zm/QzmOH/eBH3E"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-sse-support
cache-control
no-store
alt-svc
h3=":443"; ma=2592000
content-length
69
expires
0
settings
l6b5a4qa51ba.com/api/v2/
935 B
944 B
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v2/settings
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c6a5f4651f8ad6a98049d2f6b33047903c991ebdfca7653edcd69800cba57322

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
baggage
sentry-environment=production,sentry-release=cfd9cb6a18a3a13313c17dfb18a551e5c68b1e5e,sentry-public_key=48ebdb7ac45943e5b98e15a10534d92c,sentry-trace_id=338e8f6cce584c3ab92c4402357768aa,sentry-sample_rate=0.1
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sentry-trace
338e8f6cce584c3ab92c4402357768aa-b3510e08c4da9a77-0
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
ca3d9483e7906d4a4f15e466d2c30188
expires
Sat, 22 Jun 2024 13:10:20 GMT
wpes6.js
static.scarabresearch.com/wpjs/
102 KB
32 KB
Script
General
Full URL
https://static.scarabresearch.com/wpjs/wpes6.js?ts=2842
Requested by
Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/11DAF087E87A3DFD/scarab-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-37.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e916c5c4045dd8e2c17ee1ddce9dd9515c4125bc52280b39e07fb83780055c14

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WShe2VjHG7xdZq.WOyX410QEaEqVAMzN
Content-Encoding
gzip
Via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
Date
Sat, 22 Jun 2024 01:44:21 GMT
X-Amz-Cf-Pop
AMS1-P1
Age
41160
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 May 2024 14:03:01 GMT
Server
AmazonS3
ETag
W/"075dffa80a8379a15df2704b81679ad7"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
X-Amz-Cf-Id
Cc1Ej2sfAgBtDDio69itx_pvjhjOn5frgT3NW8Hzx5RzMq3W1g3RMQ==
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2981F4SLMP&gtm=45je46j0v9176190868z8860805849za200zb860805849&_p=1719061820119&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=508606713.1719061820&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719061820&sct=1&seg=0&dl=https%3A%2F%2Fl6b5a4qa51ba.com%2F0.033538629333420555&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=596&_z=fetch
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://l6b5a4qa51ba.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
test_cookie_set
auth-andreas.com/multiauth/ Frame
0
0
Preflight
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_set?testcookie=2sb5lrykcn22mjgn2satoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Access-Control-Request-Method
GET
Origin
https://l6b5a4qa51ba.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-max-age
600
allow
GET,HEAD
content-length
0
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
vary
origin access-control-request-method access-control-request-headers
test_cookie_set
auth-andreas.com/multiauth/ Frame
0
0
Preflight
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_set?testcookie=cshwe5tb1nhyek3l08hwq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Access-Control-Request-Method
GET
Origin
https://l6b5a4qa51ba.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-max-age
600
allow
GET,HEAD
content-length
0
date
Sat, 22 Jun 2024 13:10:19 GMT
strict-transport-security
max-age=15768000
vary
origin access-control-request-method access-control-request-headers
test_cookie_set
auth-andreas.com/multiauth/
10 B
311 B
XHR
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_set?testcookie=2sb5lrykcn22mjgn2satoo
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
3b9de8f3bb4d65ebe964703b38c9ce2f3b40a58b33484e6eed8f92bbd5f10a4f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
X-Multiauth-Version
authy
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://l6b5a4qa51ba.com
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
content-length
10
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
test_cookie_set
auth-andreas.com/multiauth/
10 B
309 B
XHR
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_set?testcookie=cshwe5tb1nhyek3l08hwq
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
3b9de8f3bb4d65ebe964703b38c9ce2f3b40a58b33484e6eed8f92bbd5f10a4f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
X-Multiauth-Version
authy
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://l6b5a4qa51ba.com
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
content-length
10
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
3244.a4fbc0e2.chunk.css
front.cdn-ba.com/spa-static/0.0.315/static/css/
120 KB
24 KB
Stylesheet
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/css/3244.a4fbc0e2.chunk.css
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2949367eb9cba915a937c910250482630b0d932f96b71b21edbba9c9c87bf8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8982
etag
W/"666ab089-1e1f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9sBrMTSJLTQpwWYZYVxFIdifhTwqZFT4nNGP61Nt7hV2MAb1jpRRheeF3YvFCapCqKC9uZOdlujVORU%2BFCvZD%2Bfj329wHeN7dzMJNj4xVogI0IqrDJCivah45PUPyk6pszU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a5a2d3a2c18-FRA
expires
Sat, 22 Jun 2024 14:40:38 GMT
3244.024c2f0f.chunk.js
front.cdn-ba.com/spa-static/0.0.315/static/js/
637 KB
166 KB
Script
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/js/3244.024c2f0f.chunk.js
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42dd9248b3e3b4b1df3d3ffbd7be2d97c554edcce8cd56e19f68a730f3976c96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9395
etag
W/"666ab089-9f451"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L380HLHIzc%2Fvr2VqzyTFNO10o61b%2BncnhVEELL0xcJxgG%2BILUHT0hCFV4Qu9MHb6PSGg58fGzpFweDfzAia%2FoppNrPdM8sT8ELg1vEFzD4Sd2tZWeeFz93RNWnfUHUgYjhg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a5a2d3d2c18-FRA
expires
Sat, 22 Jun 2024 14:33:45 GMT
4576.ba81490b.chunk.css
front.cdn-ba.com/spa-static/0.0.315/static/css/
96 KB
25 KB
Stylesheet
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad30ca005e449e46410ec2b24a72685f1287bc3c5c96fc957105b41656228247

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9529
etag
W/"666ab089-17f2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DXr80LPhELW7kdFkruakXpiL5OxZePdnRx8xwwWqVXybgJ3uUyLccirIhPWeReIqiyMLbax%2BGPro51GZzU0falxevIf4imM%2FRq7p3ZsSeIWcORxqXHLQW%2BQNGqhUOkNsKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a5a2d3c2c18-FRA
expires
Sat, 22 Jun 2024 14:31:31 GMT
4576.9f54ca9a.chunk.js
front.cdn-ba.com/spa-static/0.0.315/static/js/
256 KB
73 KB
Script
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/js/4576.9f54ca9a.chunk.js
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/main.48be8eb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742999568c54f18c500f5f540fa76d7f3830ec208c289e0bdc3de5a1afa5b610

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8982
etag
W/"666ab089-3fe9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOqL%2F4bH6H9vgyD0om9PM71zIVQoiBlIXoqyMHAXKqF8W8MKPHxHAVTHvP7ikFdRRcJ3PB%2BAB6xct9y4O0yEqrdbu9iFm1qGmzUl%2BFU%2FkfuclBU6F%2BjFC0bei8nG47mj09k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a5a2d3f2c18-FRA
expires
Sat, 22 Jun 2024 14:40:38 GMT
sdk-Wxo6SO8GIuzQm04q
gba.lnabew.com/sub/
14 B
0
EventSource
General
Full URL
https://gba.lnabew.com/sub/sdk-Wxo6SO8GIuzQm04q
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.154.151 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.151.154.132.142.clients.your-server.de
Software
Caddy / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://l6b5a4qa51ba.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=31536000
server
Caddy
x-powered-by
Express
content-type
text/event-stream
access-control-allow-origin
*
cache-control
no-store, no-cache
alt-svc
h3=":443"; ma=2592000
expires
0
api.js
www.google.com/recaptcha/
1 KB
967 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/3244.024c2f0f.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed387e241d87000ab43b49f66cc66727d07e03b2ca1dd233865bbd6f12e63045
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 22 Jun 2024 13:10:20 GMT
close-button.a13778e35e3080e47bc4.svg
front.cdn-ba.com/spa-static/0.0.315/static/media/
205 B
463 B
Fetch
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/close-button.a13778e35e3080e47bc4.svg
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36107165b26c1b2e48c73ba42d745438f94d26939f4886cdbc7e513e3b1023e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666ab089-cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bx5AdgnBK8ucjL7EZM4iuDh4I5wtzLpFqCoiu8TPfDI8n9Bh3%2B1m3sVCetWTcI9MkGf815AfKIAESsuQotKnaqDJlZDyuugOq03MBaekgJmvDbZ8QVP%2BF2YLHNh4lvNg9Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a5b0ef33668-FRA
expires
Sat, 22 Jun 2024 17:10:20 GMT
388.js
microfrontend.wol-prod.com/
922 KB
260 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/388.js
Requested by
Host: microfrontend.wol-prod.com
URL: https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa434afeeacf81bcaa207fa309ab7a6f8d460e8cf60f16aae8cdfedb1d80ce12
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-e66a6"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYtkBLnM%2FJndJDnLKjI7KNDJ8cOgnOkgx9AqYbnH%2B47q4KolY1Fdv6h53gckWJVd2tFR%2Fi%2FUljsYekJpFTAZ3tMRlSkrtI9i6ubiS9%2BXTQmzLupE7eZ5OnZVgCQhuTe7a%2BC1ILpprGGs2dWoINrNjG1ZWaNa763L8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5aed5f9fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
822.js
microfrontend.wol-prod.com/
35 KB
10 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/822.js
Requested by
Host: microfrontend.wol-prod.com
URL: https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5eed2321ee072cb15c3982b700672581e48b38fe711e41278bb28ad39cfe37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-8c8c"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbyovYG5%2B15yjSu9cWl7yn9jEXaGWotCcJKLUHcVGzH3QqAqkQ%2FnK3su6c81DlyKgnLE67L6pQbWqPrtdOndAQGx4EnYit6iyINrdgWnhvSHg3ga4h%2FRWKMQhCWewYjUCIMtRer6Oe%2B6X7SgSXTjAiTi2LLt2G%2BF%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5aed649fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
37.js
microfrontend.wol-prod.com/
226 KB
52 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/37.js
Requested by
Host: microfrontend.wol-prod.com
URL: https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c149cdf83ba69e244c802af3ecfcdb0a462999404ebe1ff1438746aa7a9b4b6d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-3884e"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkpNuXrFZMS6cgBb%2FioWKD4Z4QE6joJ%2FGIqRNjzea5TvR3bTv2b49SPuNX%2BPBNIqSWGfixQ5%2FPvDwWn%2FiZTL7WKFjZLFUZTAnijaX%2FK1aDYHyJtQ9r57cm%2BdltmM0ECrOZBkQf%2Fu5%2F0WWtNFHLsB0EdQCNsXHEcJbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5aed669fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
481.js
microfrontend.wol-prod.com/
77 KB
15 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/481.js
Requested by
Host: microfrontend.wol-prod.com
URL: https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5543757734e4f4c6237054148c1bcfa361e45637403a9976056a8a39e70056
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-1321f"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLVbGqkntvkl4K%2BS9NgIrrB7tenoCNpbjrc32ZeIcOz0IcXJjoTYS%2BgVt2YTaFgmra8xVOP2j2QFSD3lhG7LQN1NjP%2B3B6yhQ06oJkMKzLhg0TbPubPK%2B2%2Fi1vtkj%2BIE7Bgn5v%2FQ%2FBnf8qiM8DC04owmd8HjB52M2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5aed689fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
971.js
microfrontend.wol-prod.com/
230 KB
47 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/971.js
Requested by
Host: microfrontend.wol-prod.com
URL: https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44efe5378e086f05982b735ba74b2cf5d46a0df018e3d97ae2222dd7a03d3214
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-397f5"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8%2FGsKLGKBDfepBLatUZGu3I58b6bBTMcJqNrVrwvmvremRuAHP8Ih30anqarw1e2gys04OLuFEBkYMJ4%2F9jE%2BOZALX4oDid7kQFPwO8AhptmBtiP3WizPznk1nsREU4X9UylUimBft67eNPL7TIHAYzx%2BMuNOaiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5aed699fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
83.js
microfrontend.wol-prod.com/
4 KB
1 KB
Script
General
Full URL
https://microfrontend.wol-prod.com/83.js
Requested by
Host: microfrontend.wol-prod.com
URL: https://microfrontend.wol-prod.com/wheelV2.js?v=1718267863675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022395621a9e231334cdd24fdeae9d40ac9f6633d8660add4531032e4b08a938
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-e7d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S65cEUeS5ROMLeP0KtMapaKJHTztcpi%2BcTaVIujku8lcVbMjd5L1hyo6Ep6wgaCX74dE%2BjHqZFLX3riwj8pOnV2cKpblnnV3CZV4rmHzIIbuO91cinCZ7n01H9CxdeQC8Buko6tO0N5fYw9%2BXbDJXQZb0mc7badeJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5aed6a9fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
credentials
l6b5a4qa51ba.com/api/v1/websocket/
270 B
471 B
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v1/websocket/credentials
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8bff406362a20fe159fee77c7b5af790d4d1023a098f49aa7ba52edfbbfbd20e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
baggage
sentry-environment=production,sentry-release=cfd9cb6a18a3a13313c17dfb18a551e5c68b1e5e,sentry-public_key=48ebdb7ac45943e5b98e15a10534d92c,sentry-trace_id=338e8f6cce584c3ab92c4402357768aa,sentry-sample_rate=0.1
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sentry-trace
338e8f6cce584c3ab92c4402357768aa-a48ca00248066a88-0
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
0c310277cb585929ca3e6e1775316d2d
expires
Sat, 22 Jun 2024 13:10:20 GMT
logo
l6b5a4qa51ba.com/api/v1/
418 B
385 B
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v1/logo
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5378f5b59e9e8bb6aaf3f27d3b5e6049dfe64826de14c29dde208021daf483b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
baggage
sentry-environment=production,sentry-release=cfd9cb6a18a3a13313c17dfb18a551e5c68b1e5e,sentry-public_key=48ebdb7ac45943e5b98e15a10534d92c,sentry-trace_id=338e8f6cce584c3ab92c4402357768aa,sentry-sample_rate=0.1
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sentry-trace
338e8f6cce584c3ab92c4402357768aa-b7d7d3c3d3aa496b-0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
server
nginx
etag
W/"a1b3326a14641d8fe40fcbe8045faf9e"
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
903dcc706e4f61334f3f9b0293c8a9da
expires
Sat, 22 Jun 2024 13:10:20 GMT
countries.json
l6b5a4qa51ba.com/api/v1/
32 KB
6 KB
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v1/countries.json
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
13360d6c6eb148f98189a82b0ea3f96148d9d4c31039502177d9e9caa9f9bc47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
baggage
sentry-environment=production,sentry-release=cfd9cb6a18a3a13313c17dfb18a551e5c68b1e5e,sentry-public_key=48ebdb7ac45943e5b98e15a10534d92c,sentry-trace_id=338e8f6cce584c3ab92c4402357768aa,sentry-sample_rate=0.1
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sentry-trace
338e8f6cce584c3ab92c4402357768aa-bfca7fe3c7c29630-0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
server
nginx
etag
W/"6ddbf8154d57578443f7c68232f40d64"
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
8c670ad45bff4933b9b1d344268a1a3f
expires
Sat, 22 Jun 2024 13:10:20 GMT
loader_v3.9.2.js
ba.z80p7o8nb7l.com/web/v3/OszY8YxLtMbMKK8o3fGo/
145 KB
52 KB
Script
General
Full URL
https://ba.z80p7o8nb7l.com/web/v3/OszY8YxLtMbMKK8o3fGo/loader_v3.9.2.js
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.74.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0bcf737c74e0490b.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
d68ee897f54855f187b9b66c3a43506cb04586dac65ae3e8c42870f0cc893bd6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
awselb/2.0
etag
W/"6LReP9aO8QO1WHbvT10MNL9mS/g"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3660, s-maxage=586347
cross-origin-resource-policy
cross-origin
x-robots-tag
noindex
timing-allow-origin
*
content-length
52695
get-list.json
l6b5a4qa51ba.com/api/v3/widget/
117 B
348 B
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v3/widget/get-list.json
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
36c3f374b4cb3ca2d9059896b301bf2c4167a072f4c8c009a9d7ba829428985f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
baggage
sentry-environment=production,sentry-release=cfd9cb6a18a3a13313c17dfb18a551e5c68b1e5e,sentry-public_key=48ebdb7ac45943e5b98e15a10534d92c,sentry-trace_id=338e8f6cce584c3ab92c4402357768aa,sentry-sample_rate=0.1
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sentry-trace
338e8f6cce584c3ab92c4402357768aa-a274bae69a655df0-0
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
aee79e4f25753bf6584ef07b3b842b79
expires
Sat, 22 Jun 2024 13:10:20 GMT
bg_desktop.775296e86236fb5600de.png
front.cdn-ba.com/spa-static/0.0.315/static/media/
1 MB
1 MB
Image
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/bg_desktop.775296e86236fb5600de.png
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002348c323bc3d2efd7520f2f06864ccc0089fe228bb27d6fd8a09ad07301de7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6355
content-length
1106304
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
server
cloudflare
etag
"666ab089-10e180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXJxw0boMGJHHjlijwDTUri%2FIcT812YF%2FZ0ypdmXn27sSPFWoIwY2gMXgS0xEX%2BM%2FAkAUcuQYNp2HRT6AjPNmte0hqJWfQypFGGAYEowYQ81VzhpvG3ILMAhNVjwJfUOHrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a5afe732c18-FRA
expires
Sat, 22 Jun 2024 15:24:25 GMT
line.ae8854258b5ba91741ed.svg
front.cdn-ba.com/spa-static/0.0.315/static/media/
187 B
480 B
Image
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/line.ae8854258b5ba91741ed.svg
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad228f06c507de84412157bcc37a2212fdcbe9d5ea9c7d6f6bad0ea42fff763

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8537
etag
W/"666ab089-bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMBzSltE8VjmbVr6h3BA2Do8vBr2U2qAFcHh5iCZ9uR3uRndcHdf1hAiPgOEyeNdZpGUKUMuTMnbuOFFG4nhczRmpS%2B2rFeZF9DSHOyqIl8DpHMtN3%2BtClH6rzE1NcSuKqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
897c7a5afe762c18-FRA
expires
Sat, 22 Jun 2024 14:48:02 GMT
RobotoCondensed-Regular.db6d916952fb988edac1.ttf
front.cdn-ba.com/spa-static/0.0.315/static/media/
166 KB
167 KB
Font
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/RobotoCondensed-Regular.db6d916952fb988edac1.ttf
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666ab089-29778"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdsZp4mbzEszDKczkaEmAM7F8ZXorXPgvOT%2FklszglA5YV9IFlcQNtmv2NjhBdXJXaqx5ZGmW6n8QfxpvGgtnA01WQkQSG5zfXS2rcNngtEvMahS4JUMrXEWMi7DBnVy4VM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a5b0eef3668-FRA
content-length
169848
expires
Sat, 22 Jun 2024 17:10:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/
518 KB
207 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 11:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210814
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 04:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Jun 2025 11:48:33 GMT
test_cookie_get
auth-andreas.com/multiauth/
21 B
247 B
XHR
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_get?testcookie=2sb5lrykcn22mjgn2satoo
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
0fb430e2fdf26d7e3ee13660211ba451888eb9d8a6c1de1731a8fd1121418823
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
X-Multiauth-Version
authy
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://l6b5a4qa51ba.com
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
content-length
21
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
test_cookie_get
auth-andreas.com/multiauth/ Frame
0
0
Preflight
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_get?testcookie=2sb5lrykcn22mjgn2satoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Access-Control-Request-Method
GET
Origin
https://l6b5a4qa51ba.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-max-age
600
allow
GET,HEAD
content-length
0
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
vary
origin access-control-request-method access-control-request-headers
test_cookie_get
auth-andreas.com/multiauth/
21 B
247 B
XHR
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_get?testcookie=cshwe5tb1nhyek3l08hwq
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
0fb430e2fdf26d7e3ee13660211ba451888eb9d8a6c1de1731a8fd1121418823
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
X-Multiauth-Version
authy
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://l6b5a4qa51ba.com
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
content-length
21
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
test_cookie_get
auth-andreas.com/multiauth/ Frame
0
0
Preflight
General
Full URL
https://auth-andreas.com/multiauth/test_cookie_get?testcookie=cshwe5tb1nhyek3l08hwq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Access-Control-Request-Method
GET
Origin
https://l6b5a4qa51ba.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-max-age
600
allow
GET,HEAD
content-length
0
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
vary
origin access-control-request-method access-control-request-headers
RUB.json
l6b5a4qa51ba.com/api/v1/currency-specific-settings/
609 B
415 B
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v1/currency-specific-settings/RUB.json
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
71413802653a94a3ef15105a438f99a0b2c31b1ba61794e84b36afa0d787f67b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
baggage
sentry-environment=production,sentry-release=cfd9cb6a18a3a13313c17dfb18a551e5c68b1e5e,sentry-public_key=48ebdb7ac45943e5b98e15a10534d92c,sentry-trace_id=338e8f6cce584c3ab92c4402357768aa,sentry-sample_rate=0.1
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sentry-trace
338e8f6cce584c3ab92c4402357768aa-84f76e0519277bcd-0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
server
nginx
etag
W/"280a952a362a82095d1a79d423866721"
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=3600, private
x-request-id
10e21f443b06f3c959dc33f66c47595e
LOGO.jpg
upload.cdn-ba.com/upload/images/logo/EURO2024/
7 KB
7 KB
Image
General
Full URL
https://upload.cdn-ba.com/upload/images/logo/EURO2024/LOGO.jpg
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5c0bc921fbf102695ba411b2c3e5520fffb54a0ff38187b331ff4969258778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17D882A26249ACC2
age
15786
content-length
6950
x-amz-id-2
dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Thu, 13 Jun 2024 08:21:28 GMT
server
cloudflare
etag
"8120ed62d6ba23a6141fb8af6ee58e7d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPsyHrWDxpJxBjxs%2B%2FuUOvzsI%2B%2FEkadhL7LlWkU4og1KTYUvDmtIxtMBIJYcN3PO8n95Xt9BJ2HitK%2Bs%2BBuBDxx40KIE1j5LvKW3g5EOOKo4pHOrR5OqJPryzVQ1%2FSvx8vxk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
897c7a5baf962c18-FRA
expires
Sun, 23 Jun 2024 08:47:14 GMT
logo.7b83e87bb57c0a5feccb.png
front.cdn-ba.com/spa-static/0.0.315/static/media/
14 KB
14 KB
Image
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/logo.7b83e87bb57c0a5feccb.png
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3e082f67cbac7fcbd062e58dbe3ba9c1207ee9fe37d73cb2e56a70c943557c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8537
content-length
13876
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
server
cloudflare
etag
"666ab089-3634"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLJCIaeKG6ny7LDA9f%2F8IEEi06npFd3XNmCu2vo5qMJY84XMYjbxjRFqtJzEneJzEqfNroAsQnsikziqgoy1sLd0As01rDr3L8Ra9oDG5xwuf1kX%2FChBW6H6RyMvZdFl3RE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a5b6f592c18-FRA
expires
Sat, 22 Jun 2024 14:48:03 GMT
ping
auth-andreas.com/multiauth/
37 B
287 B
XHR
General
Full URL
https://auth-andreas.com/multiauth/ping
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
3924c305d2bf14c93404f904cf9398ff87ff246717dc8830a5b26f4226f33bc7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
X-Multiauth-Version
authy
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://l6b5a4qa51ba.com
date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
zstd
access-control-allow-credentials
true
strict-transport-security
max-age=15768000
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
ping
auth-andreas.com/multiauth/ Frame
0
0
Preflight
General
Full URL
https://auth-andreas.com/multiauth/ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.26.99.196 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde719-1.fornex.org
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Access-Control-Request-Method
GET
Origin
https://l6b5a4qa51ba.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-max-age
600
allow
GET,HEAD
content-length
0
date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
vary
origin access-control-request-method access-control-request-headers
anchor
www.google.com/recaptcha/api2/ Frame B38A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjedcdAAAAAP2Nye_UzLHV2UrACn-rFd6Trx_B&co=aHR0cHM6Ly9sNmI1YTRxYTUxYmEuY29tOjQ0Mw..&hl=ru&type=image&v=KXX4ARWFlYTftefkdODAYWZh&theme=light&size=invisible&badge=inline&cb=bw5guus4nmnn
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/3244.024c2f0f.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KLMaDc7RroUP4lmvlalOsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://l6b5a4qa51ba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KLMaDc7RroUP4lmvlalOsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 13:10:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
81140ec3a09a328df184.mp3
microfrontend.wol-prod.com/
4 KB
4 KB
XHR
General
Full URL
https://microfrontend.wol-prod.com/81140ec3a09a328df184.mp3
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f409ec1060909c73405892e64a908ce47dbb2741961aba65714697a638f19998
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-1052"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
audio/mpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwEf9XsqQNV%2FZCnweZWfwboQ%2B6d%2BtIqH%2BiDeT9MD3Y58VnhDFqY6UzAsuO6L9R8yUoCRPMS2mbmydcV3QZ9lRC7EgG0Rg2SAhuolhqm%2BAz1XhGu%2FziOOOfQY4H1pG%2FNZPNHKO2XegromrIML35EtM2o4QDDS4A427w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5ccbe99f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
b9458107eb924fbd54ef.mp3
microfrontend.wol-prod.com/
92 KB
91 KB
XHR
General
Full URL
https://microfrontend.wol-prod.com/b9458107eb924fbd54ef.mp3
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b463d1eed6f1853c616327435cd40844c3b3aafbd7dd1f1e732f9f9cf42e5796
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-16f58"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
audio/mpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oW0k97jkkurkn0UuXAuqlbSKq2wRzJjDKyxj%2BnBiVtGVJd9wCqVA%2BRlc4KTTV1Npqrecn6eueXp9mRSo6E1IM9r7daZDtQXUDGD4HJ9Rp0Z3bsLC5kVF3V4ehfQaoogV3hfWuCMZM%2FDwD0b6wOzzshembdIYG%2Bynw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5ccbef9f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
30c530a4a09e5625b890.mp3
microfrontend.wol-prod.com/
46 KB
45 KB
XHR
General
Full URL
https://microfrontend.wol-prod.com/30c530a4a09e5625b890.mp3
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4080708d40a8d6a2ae8c5932904d2285374ad40f7f2b2057c5bcf95ecd4139c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-b7ab"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
audio/mpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9uAyYKRYnwpJ4Mfx4VVZF3mUrR1Y91hT7Czmy5QQ3UnGnGPgMc3lqQm9oo47rA3mZUCQGOhEhdgvHkOd2hdxwM1GSdWxhyMahcI17QE1pjgkVZDaGJYOtpiU41q6DcIctFvAqE9T6pq2ja%2FWzR3z5kDIzMqk4uhwsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5ccbec9f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
1b9f91ad05d52262a856.mp3
microfrontend.wol-prod.com/
100 KB
99 KB
XHR
General
Full URL
https://microfrontend.wol-prod.com/1b9f91ad05d52262a856.mp3
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9776cb65f9f8d675ae0724381bf53529386e4a37f89113866ab94eb82833e3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-18fff"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
audio/mpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=moWGRlMjIHrjBgO5mrx4JVo4yZ2BhZxQBjdgjHeoOJYniMC3wQMwD5VVWzwGqUgaBt6i%2BI5A21kilH%2By3CZDA9phdNIC7mgyNj1ARUWaQeyUK2IKvVF3%2BzB%2F3wmz7CN0nPihJMJX%2BVljCH111F%2FUPRWB6%2FZ0J%2BbwtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5ccbeb9f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
6f6b64e8124ebf190995.png
microfrontend.wol-prod.com/
105 KB
106 KB
Image
General
Full URL
https://microfrontend.wol-prod.com/6f6b64e8124ebf190995.png
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f5cc3cbc5ee7495a0389e6125dff53982f20a6e9787c4b9c7d43ac1791de5b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
107512
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
"666ff751-1a3f8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol7rJduZ25d%2FBebcjtqP77zLoXgSRNGUIU6gMAciAReJxQuGk5MPJbQoze8rVkqxE5PuEje4Q5vcMseH8%2BwsFSoX%2Fbr3seYOQJRpK7%2B8%2FJKtKOGgoV4KMNRsTKPdoqSQlqZHl5pNVI6uVWBspgJj2GFUvvhB8cJaDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897c7a5cffdb9fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
b518ca8a1f57c045a5e6.png
microfrontend.wol-prod.com/
238 B
871 B
Image
General
Full URL
https://microfrontend.wol-prod.com/b518ca8a1f57c045a5e6.png
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7050cf39966d1032b72f2d742a5d669c541447e7fa12532c6396897d8fdc9d34
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
238
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
"666ff751-ee"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvUeDZFr8jAaPKSeNcZHOsLrv1gYxQCKOBYY0LQ92tKxgj1%2FjRL8EcfE0yD172UnXUFHAGaTkfWpuM3HKLqfZiwG6hwXyCiSPMimG8EPDZnoZfP75cg7nZEeqYnceQMmM0OyPd6fnKD9GNawmzANxSvQW17GTEC9Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897c7a5cffe69fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
768afc4d8c110e7422df.png
microfrontend.wol-prod.com/
2 KB
2 KB
Image
General
Full URL
https://microfrontend.wol-prod.com/768afc4d8c110e7422df.png
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd0894850f9197559bcf5c745ebd15984c6c559abfcf167d850d5f238cdbcea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1724
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
"666ff751-6bc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67A521oB0fM4Y%2FZlczugyLKQ2vqT%2FHgQo%2FobuFmu3eNbCvGbM1aVTiKWeKN32ytwpKE7A%2F8Mv%2Feq0BvWpE2QwP5MDnaeWhvLFA15T8y4UvEyQcwLNOBDevGMpHpxFyU7mAsBz1fMoF23oB%2FrE16Pk5yR%2BQl6YG8Zng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897c7a5cffeb9fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
989157f15aeb319063d7.svg
microfrontend.wol-prod.com/
2 KB
1 KB
Image
General
Full URL
https://microfrontend.wol-prod.com/989157f15aeb319063d7.svg
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
715692bb4e93541071a0ad89402efa36881f62415d15abf0d6a005bf83a26c38
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-733"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FR0wXgpxdQcwx7OPu5DXell3GQ9zu3PPNnDWH1GwaebxSkrq0m4BEicjx97MSSNGQTeeGBkkTeltz0GLp%2BtjrLQLZYY%2Bf1wB%2Fw3DITFOZF838iEH1EeWVWlOwWJBR6QpQYvuByrUbrjlaYYu%2B2TjUnAhmczRfUXdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a5cfff39fbd-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:20 GMT
translations
l6b5a4qa51ba.com/api/v2/
0
782 KB
Fetch
General
Full URL
https://l6b5a4qa51ba.com/api/v2/translations?locales[]=ru&domains[]=messages&domains[]=promo&fallback=1
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/7793.76557332.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
server
nginx
etag
W/"5921a4d92bc8606d465d038a280f54f2"
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
bb60f741fe96d35cfb46ec266006fa17
expires
Sat, 22 Jun 2024 13:10:21 GMT
truncated
/
311 B
311 B
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/avif
t4k.json
l6b5a4qa51ba.com/an/band/
86 B
556 B
Ping
General
Full URL
https://l6b5a4qa51ba.com/an/band/t4k.json?dig=263870022
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/an/lib.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ed19a513faaebc054241cadd5561cdecaa488c140f7955ee34b7ab5a81d5c172
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-response-time
1
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:21 GMT
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
content-length
86
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
t4k.json
rstat.rockmostbet.com/band/
86 B
539 B
Ping
General
Full URL
https://rstat.rockmostbet.com/band/t4k.json?
Requested by
Host: rstat.rockmostbet.com
URL: https://rstat.rockmostbet.com/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.5.93 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.5.55.162.clients.your-server.de
Software
nginx/1.26.0 /
Resource Hash
8a03bc332e7ac00ccec4f78dd45cd610920174ad9a663efafd629e3c5c6a4000
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-response-time
8
pragma
no-cache
date
Sat, 22 Jun 2024 13:10:21 GMT
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx/1.26.0
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://l6b5a4qa51ba.com
access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
access-control-allow-credentials
true
x-xss-protection
1
expires
Mon, 01 Jan 1990 21:00:12 GMT
b
ba.z80p7o8nb7l.com/rwwtNq/rpD-/nFWC/ssJL/
96 B
447 B
XHR
General
Full URL
https://ba.z80p7o8nb7l.com/rwwtNq/rpD-/nFWC/ssJL/b?q=OszY8YxLtMbMKK8o3fGo
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.74.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0bcf737c74e0490b.awsglobalaccelerator.com
Software
/
Resource Hash
121b0a87cd57732157eb586b87f0a75905f320b987c344ac1000cbc0f038d97d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
content-security-policy
default-src 'none'; frame-ancestors 'none'
referrer-policy
no-referrer
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
DENY
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Retry-After
cache-control
max-age=31536000, immutable, private
timing-allow-origin
*
x-robots-tag
noindex
content-length
96
LOGO.jpg
upload.cdn-ba.com/upload/images/logo/EURO2024/
7 KB
0
Other
General
Full URL
https://upload.cdn-ba.com/upload/images/logo/EURO2024/LOGO.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5c0bc921fbf102695ba411b2c3e5520fffb54a0ff38187b331ff4969258778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17D882A26249ACC2
age
15786
content-length
6950
x-amz-id-2
dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Thu, 13 Jun 2024 08:21:28 GMT
server
cloudflare
etag
"8120ed62d6ba23a6141fb8af6ee58e7d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPsyHrWDxpJxBjxs%2B%2FuUOvzsI%2B%2FEkadhL7LlWkU4og1KTYUvDmtIxtMBIJYcN3PO8n95Xt9BJ2HitK%2Bs%2BBuBDxx40KIE1j5LvKW3g5EOOKo4pHOrR5OqJPryzVQ1%2FSvx8vxk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
897c7a5baf962c18-FRA
expires
Sun, 23 Jun 2024 08:47:14 GMT
BA%20Favicon.svg
upload.cdn-ba.com/upload/images/logo/
1 KB
972 B
Other
General
Full URL
https://upload.cdn-ba.com/upload/images/logo/BA%20Favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7330ea36af9afcada41dca279f4b4f47b34f8b0e9d550d8e9e83a0a7d7150d19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17DAFCC5A83C5E55
age
11191
x-amz-id-2
dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2024 10:02:12 GMT
server
cloudflare
etag
W/"878b56427d7d01b4209b56696838101b"
vary
Accept-Encoding, Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nucc%2BUQwQF4sBBoeCRctTUskeAXqMf94YACLwiNwM28mOIdVg%2BaoUtEZV8%2Fgv7Be%2BEC0MqLEhPGJL%2B5sHQXiqz8z7NWb1UzVALJBK7ufSH6%2BAH%2BDrpsb58JOXDrZiR44GKxg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
897c7a5eab482c18-FRA
expires
Sun, 23 Jun 2024 10:03:50 GMT
truncated
/
38 B
38 B
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
bframe
www.google.com/recaptcha/api2/ Frame 48B5
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=KXX4ARWFlYTftefkdODAYWZh&k=6LfjedcdAAAAAP2Nye_UzLHV2UrACn-rFd6Trx_B
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LQwr-hNlcvh-_QMzInJG2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://l6b5a4qa51ba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LQwr-hNlcvh-_QMzInJG2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 13:10:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
519fe5011c7ec9bf82eb.woff2
microfrontend.wol-prod.com/
13 KB
14 KB
Font
General
Full URL
https://microfrontend.wol-prod.com/519fe5011c7ec9bf82eb.woff2
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887d17a76a1a125087b3c48038fca8e79c07c7de0d216635a400ccee99c5509c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-3500"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrSx%2FHvlX9y5Wl8so9zJZLuk6oeu28S4HWrw7Mww8FScK8Ec33CrO%2FkkSmrQdIsTOZdA1y8GLX0Ixp0zT80RAlUd9uulykGDZ0GHj204LWt3gwfTCxqDGiUuyzwfygmvST8TPlGW3BMF3EGQOZ9tlek1AXTHXD6Alw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a606fa09f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:21 GMT
eccbcfa9bc0203198ac6.woff2
microfrontend.wol-prod.com/
107 KB
107 KB
Font
General
Full URL
https://microfrontend.wol-prod.com/eccbcfa9bc0203198ac6.woff2
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b91f4345dc4ea30e7767250988defaf93836b2727d78abff53732ddfbae03a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-1ab80"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGpemiLKtUxFy3dN5wq80NnEgTGF5kwoRqRL2XNBYU0zORa8m97MWsuzlwBP6hiJYC2BBsjtr%2BwCj14oBfd%2BHWhfifccu2ufyip7Fv%2B0JoWeLloEgTO%2BnGG8jlClR6a5bNwKwICZrJJFj5nYY%2ByM9SE6gx3QQAaPkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a606fa39f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:21 GMT
5f27f8821aec42d4722b.woff2
microfrontend.wol-prod.com/
84 KB
85 KB
Font
General
Full URL
https://microfrontend.wol-prod.com/5f27f8821aec42d4722b.woff2
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6508912846928f076136eacbc8c585d05ff2cc582d8792217edb1a332127e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-14fd4"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmQgN21HgToUhWpGDb3Rpt1ZsBkepV%2BuMtQfnTkuIb6b24lX81vtClrveB0EtT9rGESZ5uIuNcD33M%2Bl7iTbMro%2FaufwGKD5So%2FB50iJVE9vAytls5274R%2Bm5mOje6JbZ9%2BCKTX3gk0nRaczCf%2BR563vO5Nz43v2rw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a606fa49f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:21 GMT
9d446dac-661c-4363-8abd-2b83a24ddf1c
https://l6b5a4qa51ba.com/
650 B
0
Other
General
Full URL
blob:https://l6b5a4qa51ba.com/9d446dac-661c-4363-8abd-2b83a24ddf1c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ff828c84bf585c23f877d504e32933a2961e8398bf2b753a156201ca8b810c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
650
Content-Type
application/javascript
02867f30-d336-475b-820a-e728a261b1ca
https://l6b5a4qa51ba.com/
951 B
0
Other
General
Full URL
blob:https://l6b5a4qa51ba.com/02867f30-d336-475b-820a-e728a261b1ca
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
660eecf5b05bb9d98f76e921e550c66326f66c95069cea5a94f7e26f44f92352

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
951
Content-Type
application/javascript
LOGO.jpg
upload.cdn-ba.com/upload/images/logo/EURO2024/
7 KB
0
Image
General
Full URL
https://upload.cdn-ba.com/upload/images/logo/EURO2024/LOGO.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5c0bc921fbf102695ba411b2c3e5520fffb54a0ff38187b331ff4969258778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17D882A26249ACC2
age
15786
content-length
6950
x-amz-id-2
dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Thu, 13 Jun 2024 08:21:28 GMT
server
cloudflare
etag
"8120ed62d6ba23a6141fb8af6ee58e7d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPsyHrWDxpJxBjxs%2B%2FuUOvzsI%2B%2FEkadhL7LlWkU4og1KTYUvDmtIxtMBIJYcN3PO8n95Xt9BJ2HitK%2Bs%2BBuBDxx40KIE1j5LvKW3g5EOOKo4pHOrR5OqJPryzVQ1%2FSvx8vxk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
897c7a5baf962c18-FRA
expires
Sun, 23 Jun 2024 08:47:14 GMT
bolls.d50d9c1d5339d8e86d65.png
front.cdn-ba.com/spa-static/0.0.315/static/media/
52 KB
52 KB
Image
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/bolls.d50d9c1d5339d8e86d65.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b668386d52167ffa43404be434f8ada0d1c5ca0c17095ca24d149416b231da53

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666ab089-cece"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0CsfrTQKOCnZCI76F9NiP0pzKl2uFEhQxfZOPmA%2F%2BSsA9d6%2BnOW1%2B4YDs50fNZPIz0YLyWEtyY92jI%2BPwj0ha9TedW1KyDNjqN08GJyOeUIoRaPLfs0Qki%2B2odf9GTDjuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a61ffa82c18-FRA
content-length
52942
expires
Sat, 22 Jun 2024 17:10:21 GMT
wheel.json
microfrontend.wol-prod.com/spine/wheel/
760 KB
37 KB
Fetch
General
Full URL
https://microfrontend.wol-prod.com/spine/wheel/wheel.json
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49c9f1c05ba3d102f2f56529a9fc232f66e625d7ad0ddd3835f49c526210fd8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-be03c"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ea3Y5bFgWBLDUgVuaLKfY4ni4hP0WurukUzGgJwptTL8yoKsOVdHThyv4m8gC0dLrOK64rMkvm%2BxDAuKMY1flZIOp7wZJG16DYczB8wvX26YIvAONvmfnaGXd%2BG5CUc4VMsd%2BwlluSyC03peTHragHCEOwQ6Dw5Iww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a61f9649f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:21 GMT
error.eb0b0b5bf90eecf68c89.png
front.cdn-ba.com/spa-static/0.0.315/static/media/
247 KB
248 KB
Image
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/error.eb0b0b5bf90eecf68c89.png
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c1a085685836131fe2b5c8ba665643a9472c45d8ae2904525a039ac28f62bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666ab089-3dc5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgUK8OBpZcKXSb3P4m9gT6jzjEfTA9Sx52bns%2Fq4TfFf7XOXLnZgPO1Jgc7CTnyMTf9wvt3JFfwOhkxTGQHBnRtEAETGsRs8fz%2BaEQU4t11uQTJAO3N%2B4mZQTr4FSmfB1T4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a61ffab2c18-FRA
content-length
253023
expires
Sat, 22 Jun 2024 17:10:21 GMT
Roboto-Bold.4f39c5796e60c9d8e732.ttf
front.cdn-ba.com/spa-static/0.0.315/static/media/
166 KB
167 KB
Font
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/Roboto-Bold.4f39c5796e60c9d8e732.ttf
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666ab089-2996c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jiRdJU0SBVqmjNK6z2buCKbpl0jL5Uqe9TcnRv%2Fe8NGtC8hd7BoLL2dS56ktxZFoCREXqSu%2FzNWko7jgtTgwCTltAR0D0A5pKRLv11fSUdSixBd2%2FnKMj8DhL1BSJDFKDNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a6209023668-FRA
content-length
170348
expires
Sat, 22 Jun 2024 17:10:21 GMT
Roboto-Medium.13a29228654d5c5ec9c4.ttf
front.cdn-ba.com/spa-static/0.0.315/static/media/
168 KB
168 KB
Font
General
Full URL
https://front.cdn-ba.com/spa-static/0.0.315/static/media/Roboto-Medium.13a29228654d5c5ec9c4.ttf
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://front.cdn-ba.com/spa-static/0.0.315/static/css/4576.ba81490b.chunk.css
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 08:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"666ab089-29e88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1F0LIT%2FyNVoN%2FQe4JmkN7UQePIgjQ8HegIVDsX7r4m%2BfpjPUSsgFfDy3cnrS2zw2f5c3I%2BPtSY3KI6Iy5Riemdr%2BbLtR5Vrz%2FtqNxGOF2tLPhKanTeNwtx9r3eG8S%2BEwgY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
897c7a6209053668-FRA
content-length
171656
expires
Sat, 22 Jun 2024 17:10:21 GMT
atIF9yoiue
code-ya.jivosite.com/widget/
17 KB
6 KB
Script
General
Full URL
https://code-ya.jivosite.com/widget/atIF9yoiue
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/4576.9f54ca9a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
f27c8b221dfa3ccdbddaeea09f5d4e9f39abf8fe06fb2efe5af493b51b93feda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-06-22T12:56:35+00:00
x-geo-shard
sber1
content-length
6056
x-node
am4-up-gc95
last-modified
Thu, 13 Jun 2024 15:39:06 GMT
server
nginx
etag
"666b129a-17a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
expires
Mon, 17 Jun 2024 16:51:29 GMT
wheels
l6b5a4qa51ba.com/api/v1/novruz/
7 KB
1 KB
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v1/novruz/wheels
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c3e69ab6c77b0d1c7457138d0ba75fc88a3161f7effe877fa55812f7fe0b36d3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
e22eb344548f20f095ef94f08c5e8eed
expires
Sat, 22 Jun 2024 13:10:21 GMT
footer_links
l6b5a4qa51ba.com/api/v1/
2 B
254 B
XHR
General
Full URL
https://l6b5a4qa51ba.com/api/v1/footer_links
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Language
content-type
application/json
cache-control
max-age=0, must-revalidate, private
x-request-id
cd17fc7cb39a9fed5f3b81a7e9997b59
expires
Sat, 22 Jun 2024 13:10:21 GMT
wheel.atlas
microfrontend.wol-prod.com/spine/wheel/
1 KB
2 KB
Fetch
General
Full URL
https://microfrontend.wol-prod.com/spine/wheel/wheel.atlas
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2f678c1116724ec45697dc486821251558918da4b1dce95b3028680a5500e2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:21 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1109
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
"666ff751-455"
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lANF5StLEHi1ieNcEH1Q2igPnWX1CoGkkKHoFnIJOC2c%2BZmCpmY8QGPnUeO8E8l0EkSuQkGYOT7bFWec5sjLA2oEl%2BXu4H%2FXd%2B8AjTcKCnkQLs99nkCFlcExiQkkiG82xMX6E2Z1sC1CgQJkFl1Vai1uciaFfrktOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897c7a62aa2e9f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
atIF9yoiue
code-ya.jivosite.com/script/widget/config/
5 KB
2 KB
XHR
General
Full URL
https://code-ya.jivosite.com/script/widget/config/atIF9yoiue
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
ca6307ea1d37473ee8bfa3803cf504ed8b49e1239ddfa3b1172f808d8d616d52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
x-cached-since
2024-06-22T11:34:50+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
sber1
content-length
1544
x-node
am4-up-gc95
expires
Sat, 22 Jun 2024 13:34:50 GMT
atIF9yoiue
node-sber1-az1-25.jivosite.com/widget/status/561276/
1 KB
2 KB
XHR
General
Full URL
https://node-sber1-az1-25.jivosite.com/widget/status/561276/atIF9yoiue?rnd=0.43134281437559285
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
57.128.74.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3227037.ip-57-128-74.eu
Software
nginx /
Resource Hash
088ae9a7a790dbe6caed45f05231bf9d93778fb3a79e3e168858d962aca3e7ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 22 Jun 2024 13:10:22 GMT
Content-Security-Policy
frame-ancestors 'none';
Server
nginx
X-Botmode
no
X-Geoip
DE;HE;Frankfurt am Main
X-Frame-Options
DENY
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://l6b5a4qa51ba.com
Access-Control-Expose-Headers
X-Geoip, X-Botmode
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Max-Age
1728000
Content-Length
1291
bundle_ru_RU.js
code.jivo.ru/js/
1 MB
252 KB
Script
General
Full URL
https://code.jivo.ru/js/bundle_ru_RU.js?rand=1718634647
Requested by
Host: code-ya.jivosite.com
URL: https://code-ya.jivosite.com/widget/atIF9yoiue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
99537311c3acddad0c916f0f2c7ffbf78758f31da43a7226009c7fc478fdd1e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-06-21T14:31:18+00:00
x-geo-shard
sber1
content-length
257469
x-node
am4-up-gc95
last-modified
Thu, 13 Jun 2024 15:39:06 GMT
server
nginx
etag
"666b129a-3edbd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivo.ru/css/85fc868/
146 KB
41 KB
Stylesheet
General
Full URL
https://code.jivo.ru/css/85fc868/widget.css
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
f290c933de960f24d841a8111ec0508d1ba71d6558a5ff51c8b12609c4f83075

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-06-17T14:31:14+00:00
x-geo-shard
sber1
content-length
41753
x-node
am4-up-gc94
last-modified
Thu, 13 Jun 2024 15:39:05 GMT
server
nginx
etag
"666b1299-a319"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Thu, 27 Jun 2024 14:31:14 GMT
omnichannelMenu.widget.css
code.jivo.ru/css/85fc868/
4 KB
1 KB
Stylesheet
General
Full URL
https://code.jivo.ru/css/85fc868/omnichannelMenu.widget.css
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
43b95cfaa1ccd3243f3a3dcbabaf03e605aff865b5458c7a88ee7dd5673d98c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
gzip
via
1.1 sharxy
x-cached-since
2024-06-17T14:31:15+00:00
x-geo-shard
sber1
content-length
1339
x-node
am4-up-gc95
last-modified
Thu, 13 Jun 2024 15:39:05 GMT
server
nginx
etag
"666b1299-53b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Thu, 27 Jun 2024 14:31:15 GMT
omnichannelMenu.js
code.jivo.ru/js/85fc868/ Frame DEE9
34 KB
9 KB
Script
General
Full URL
https://code.jivo.ru/js/85fc868/omnichannelMenu.js
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
6e75c6a2ae984df7245076c3606c628324dbad9d2e1222e09c06a34c09e3dc14

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-06-21T14:31:20+00:00
x-geo-shard
sber1
content-length
9631
x-node
am4-up-gc95
last-modified
Thu, 13 Jun 2024 15:39:06 GMT
server
nginx
etag
"666b129a-259f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20c132e4b881d0220c419de31a745bdaaf4c0945ddd882177f0aed277df98d2e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivo.ru/sounds/
4 KB
4 KB
Media
General
Full URL
https://code.jivo.ru/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://l6b5a4qa51ba.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
via
1.1 sharxy
x-cached-since
2024-05-24T11:13:27+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
sber1
x-node
am4-up-gc95
Content-Length
3760
last-modified
Thu, 23 May 2024 14:12:31 GMT
server
nginx
etag
"664f4ecf-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 23 Jun 2024 11:13:27 GMT
notification.mp3
code.jivo.ru/sounds/
6 KB
6 KB
Media
General
Full URL
https://code.jivo.ru/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://l6b5a4qa51ba.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
via
1.1 sharxy
x-cached-since
2024-05-25T16:16:11+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
sber1
x-node
am4-up-gc94
Content-Length
5808
last-modified
Thu, 23 May 2024 14:12:31 GMT
server
nginx
etag
"664f4ecf-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Mon, 24 Jun 2024 16:16:11 GMT
outgoing_message.mp3
code.jivo.ru/sounds/
5 KB
5 KB
Media
General
Full URL
https://code.jivo.ru/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://l6b5a4qa51ba.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
via
1.1 sharxy
x-cached-since
2024-06-02T09:20:36+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
sber1
x-node
am4-up-gc94
Content-Length
5014
last-modified
Thu, 23 May 2024 14:12:31 GMT
server
nginx
etag
"664f4ecf-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Tue, 02 Jul 2024 09:20:36 GMT
chest.json
microfrontend.wol-prod.com/spine/chest/
146 KB
28 KB
Fetch
General
Full URL
https://microfrontend.wol-prod.com/spine/chest/chest.json
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d49f5219172d5b359fa37f4fa212cd3f5e673a7f2ce8a0a9f5165d4d93d1713
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-24899"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJtz7%2BlrggCkRRSARWLr6u%2Fa%2FO2sbmvTW7Jq%2Bn0l8fBAUr4taLs5uu%2FER%2F4GZn%2FxdwEx4yzHWKMvPD9TMkvRdBeaQzcVQDiiZs8trAqDIBahBdTInqLSQYiuMiR1d7ojb3P2I15FuIBQyxYqAYXmINRTqB390%2BVcHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a6848e49f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:22 GMT
chest.atlas
microfrontend.wol-prod.com/spine/chest/
507 B
1 KB
Fetch
General
Full URL
https://microfrontend.wol-prod.com/spine/chest/chest.atlas
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387115160f0df5b9e7c36b28849fc30b81c7833f78997b1f6b890a56a3f54873
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
strict-transport-security
max-age=15768000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
507
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
"666ff751-1fb"
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSkWv5%2F6QXObBZ8CvEgkp%2FNy57BSUvrDDmzyrSupCF3%2Fsa8%2BGGKpq9titqxYsiYSvxqU6e%2FDHDot5HqKDYB7%2FTL5Ose922yRpBe37PyP4CFWfFs2v%2BUlCrid%2BSdHw4m6%2Fvn%2FYmrtjSEFfETzUS3%2FQU%2BKO%2F1AuVyMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
897c7a6899489f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
fc0337b9cf1cce2e6e1e.woff2
microfrontend.wol-prod.com/
65 KB
66 KB
Font
General
Full URL
https://microfrontend.wol-prod.com/fc0337b9cf1cce2e6e1e.woff2
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-104e8"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7DFnWpFswWbBYafUTiwq4sgEzDmN67o4FilzXZrtnX%2FiQBSEMaWs%2FQ4USJQ%2BDWWt9H0UcPAJ9FMzmgRGrvWXCWwJkhLw0zdj3Lj1iAG624ubhSef8o2jxTVOtU%2F6QtHDYkkipIu%2FJ7d9REj0qZDzK3%2FokZo0Mz7eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a695a3e9f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:22 GMT
89a9636dcf42486a3915.woff2
microfrontend.wol-prod.com/
13 KB
14 KB
Font
General
Full URL
https://microfrontend.wol-prod.com/89a9636dcf42486a3915.woff2
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0dd9a00aedfdd02b620b77d3567f1207d20467034df231b5b49b92edb9c88b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:22 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-350c"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1Htu1T%2BLjITCh%2FtaK0l9n1KOJy6irBrtxBysuujS8Jjfhv%2BUGlGRCjC%2F%2FJiyDSXoQLMwhs0RBQsm4Fr6vP3b3rPAq5TpFFRIxS4N%2F32EhKS6tSSwXm4HoAW%2FU6SpVsVTrBMxezxJnVSqhZcfChsKhzP6RwZMW3u0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a695a409f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:22 GMT
14e4c58706f435afaa8c.woff2
microfrontend.wol-prod.com/
82 KB
83 KB
Font
General
Full URL
https://microfrontend.wol-prod.com/14e4c58706f435afaa8c.woff2
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/0.033538629333420555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af8c0c38b9351c078bb5cd5de9029b524660f563573cc9b7e9d4e273e5701df
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:23 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 08:44:01 GMT
server
cloudflare
etag
W/"666ff751-14858"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbEjxRUe6F8dQ%2BoZ%2FvkQOb0Lu1%2BfApCxKPhrMkXsI5YkI9lXVb43Rwbm5StrhbgQzONsk2243PdIpIgL3qjrDfPKQTU%2Flvy39sgGuzjrwdGZ9%2B6p6BUWTfjluhP3pPTJu9ZF9am46ioAZNyZ%2FyvZMxikn4vsZMqnGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
access-control-allow-credentials
true
cf-ray
897c7a6afcbc9f99-AMS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sun, 22 Jun 2025 13:10:23 GMT
favicon.png
l6b5a4qa51ba.com/
3 KB
1 KB
XHR
General
Full URL
https://l6b5a4qa51ba.com/favicon.png
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:d13:26bb:ad3c:1113:166d:2fd7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4014eff0f88e84f569c8e40958237fb616995052fcf80ebc5019721976466da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-client-version
1.0.1
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-client-platform
desktop-web
Accept-Language
de-DE,de;q=0.9;q=0.9
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/0.033538629333420555
x-client-device-id
8qcoemuvlqhubtu5fqcp
X-Requested-With
XMLHttpRequest
x-client-name
betandreas-web
x-client-session
qddbfk7kvjhstrfride6
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html
OszY8YxLtMbMKK8o3fGo
fpjscdn.net/v3/
150 KB
51 KB
Script
General
Full URL
https://fpjscdn.net/v3/OszY8YxLtMbMKK8o3fGo
Requested by
Host: l6b5a4qa51ba.com
URL: https://l6b5a4qa51ba.com/an/public/ba_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-118.ams1.r.cloudfront.net
Software
CloudFront /
Resource Hash
67d5cbe33edaa1c4d90c39ada1371338f2b17e101d7d0711f7d6e9f847006af1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Origin
https://l6b5a4qa51ba.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 11:53:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
4599
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"9c44NZBwGIePM3xzZygvATMG3Pk"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3676, s-maxage=635019
timing-allow-origin
*
x-amz-cf-id
ic1xrx7ZL_uV87XepAB8MsQzGOBogbPfzMlEVUL5I5O6hBZYXbTxJQ==
7
eu.api.fpjs.io/DwmA/JNZ1Dz7/
96 B
447 B
XHR
General
Full URL
https://eu.api.fpjs.io/DwmA/JNZ1Dz7/7?q=OszY8YxLtMbMKK8o3fGo
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.255.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afdd1a7789e84bffc.awsglobalaccelerator.com
Software
/
Resource Hash
e28faf0752c31d1d8c7148b3c0d8bbe7effca7844d69fc59ec2a265c01e2d280
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 13:10:25 GMT
content-security-policy
default-src 'none'; frame-ancestors 'none'
referrer-policy
no-referrer
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
DENY
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Retry-After
cache-control
max-age=31536000, immutable, private
timing-allow-origin
*
x-robots-tag
noindex
content-length
96
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2981F4SLMP&gtm=45je46j0v9176190868za200zb860805849&_p=1719061820119&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=508606713.1719061820&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719061820&sct=1&seg=0&dl=https%3A%2F%2Fl6b5a4qa51ba.com%2F0.033538629333420555&dt=&en=scroll&epn.percent_scrolled=90&_et=7&tfd=5608&_z=fetch
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 13:10:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://l6b5a4qa51ba.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
campaigns
webchannel-content.eservice.emarsys.net/customer/799213038/
10 B
422 B
XHR
General
Full URL
https://webchannel-content.eservice.emarsys.net/customer/799213038/campaigns?url=https:%2F%2Fl6b5a4qa51ba.com%2F0.033538629333420555&prev_url=&lang=en&uli=false
Requested by
Host: front.cdn-ba.com
URL: https://front.cdn-ba.com/spa-static/0.0.315/static/js/5863.72aad250.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.52.132 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://l6b5a4qa51ba.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 22 Jun 2024 13:10:26 GMT
x-content-type-options
nosniff
x-envoy-decorator-operation
webchannel-content-web.web-channel.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
0


79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| dataLayer function| rstat4 object| ScarabQueue object| profiling_d1 string| AppsFlyerSdkObject function| AF string| rstat4_target_domain string| rstat4_target_base_url number| rstat4_target_project_id function| rstat4_pushState_orig object| _internal_fpPromise function| handleFP string| _internal_fpProId string| _internal_fpLastReqId string| _internal_fpAttempt function| pushState function| getCookie function| setCookie function| deleteCookie function| rstat object| webpackChunkbetandreas_spa object| SENTRY_RELEASE object| _scq object| _scwebpersonalization object| ScarabArrays object| ScarabUtil function| ScarabModule object| Scarab function| cookieLessDarklaunchEnabled object| AF_cleanupMethods object| AF_SDK object| google_tag_manager object| google_tag_data function| clearImmediate function| setImmediate object| regeneratorRuntime object| wheelV2 function| webpackHotUpdatewheel object| webpackChunkwheel object| React object| __SENTRY__ object| profiling_d2 function| WPSLogLevel object| gaGlobal object| SCARAB_OK_ object| JSON3 object| _site_params object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_157838 function| HowlerGlobal object| Howler function| Howl function| Sound undefined| __fpjs_p_l_b function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api object| __PIXI_STAGE__ object| __PIXI_RENDERER__ function| Function function| Object

13 Cookies

Domain/Path Name / Value
auth-andreas.com/multiauth Name: test_cooke_2sb5lrykcn22mjgn2satoo
Value: 1
auth-andreas.com/multiauth Name: test_cooke_cshwe5tb1nhyek3l08hwq
Value: 1
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOZOU_PsYGZ_mzoPXJ0s8Sm4uaAnQKMC_uyMwi5i5hZMKrH8g0jgbM5-lRgPvSosy0b4OVX6nN7S_iuC4xchMGU
.l6b5a4qa51ba.com/ Name: uid
Value: 7210267868586471424
.l6b5a4qa51ba.com/ Name: rst4-uid
Value: 7210267868586471424
.l6b5a4qa51ba.com/ Name: rst-uid
Value: 7210267868598894593
l6b5a4qa51ba.com/ Name: theme
Value: desktop
.l6b5a4qa51ba.com/ Name: _ga
Value: GA1.1.508606713.1719061820
l6b5a4qa51ba.com/ Name: PHPSESSID
Value: v4ia3fh31ru2p23qnoqta4q5o2
l6b5a4qa51ba.com/ Name: lunetics_locale
Value: ru
l6b5a4qa51ba.com/ Name: tz
Value: Europe%2FMoscow
.l6b5a4qa51ba.com/ Name: _ga_2981F4SLMP
Value: GS1.1.1719061820.1.0.1719061820.0.0.0
l6b5a4qa51ba.com/ Name: multiAuthThirdPartyEnabled
Value: true

2 Console Messages

Source Level URL
Text
network error URL: https://auth-andreas.com/multiauth/ping
Message:
Failed to load resource: the server responded with a status of 401 ()
other warning URL: https://microfrontend.wol-prod.com/822.js(Line 1)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
