promotions.betonline.ag Open in urlscan Pro
104.17.64.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4...
Effective URL:
https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Submission: On December 19 via manual (December 19th 2022, 4:05:48 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 47 HTTP transactions. The main IP is 104.17.64.19, located in and belongs to CLOUDFLARENET, US. The main domain is promotions.betonline.ag. The Cisco Umbrella rank of the primary domain is 304942.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on January 10th 2022. Valid for: a year.

This is the only time promotions.betonline.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:50c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.18.190.136 104.18.190.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.17.64.19 104.17.64.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
2	94.130.68.8 94.130.68.8	24940 (HETZNER-AS) (HETZNER-AS)
1	88.99.165.86 88.99.165.86	24940 (HETZNER-AS) (HETZNER-AS)
1	99.86.240.124 99.86.240.124	16509 (AMAZON-02) (AMAZON-02)
1	34.250.29.153 34.250.29.153	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	54.171.47.45 54.171.47.45	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
47	23

1 2606:4700:3037::6815:50c5 (United States)

ASN13335 (CLOUDFLARENET, US)

duried.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.190.136 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

record.commissionkings.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.17.64.19 (None, )

ASN13335 (CLOUDFLARENET, US)

promotions.betonline.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui-promotions.betonline.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.betonline.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

gk2c59ma3x.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.68.8 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser03.kameleoon.net

eu-api-visit.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.165.86 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu-log-parser01.kameleoon.net

eu-api-tracker.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-124.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.29.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-29-153.eu-west-1.compute.amazonaws.com

src.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.47.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-47-45.eu-west-1.compute.amazonaws.com

api.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	betonline.ag promotions.betonline.ag — Cisco Umbrella Rank: 304942 ui-promotions.betonline.ag — Cisco Umbrella Rank: 437587 www.betonline.ag — Cisco Umbrella Rank: 251765	438 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 904	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	20 KB
4	kameleoon.eu gk2c59ma3x.kameleoon.eu — Cisco Umbrella Rank: 299300 eu-api-visit.kameleoon.eu — Cisco Umbrella Rank: 20448 eu-api-tracker.kameleoon.eu — Cisco Umbrella Rank: 21624	51 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 643 script.hotjar.com — Cisco Umbrella Rank: 811 vars.hotjar.com — Cisco Umbrella Rank: 936	75 KB
2	xtremepush.com api.xtremepush.com — Cisco Umbrella Rank: 24368	1 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3532
2	basis.net 2 redirects pixel-a.basis.net — Cisco Umbrella Rank: 19206	255 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	152 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 304	89 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	43 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6041	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	447 B
1	webpu.sh src.webpu.sh — Cisco Umbrella Rank: 111551	37 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 757	12 KB
1	commissionkings.ag 1 redirects record.commissionkings.ag — Cisco Umbrella Rank: 220316	527 B
1	duried.com duried.com	1 KB
0	acuityplatform.com Failed acuityplatform.com Failed
47	19

	Domain	Requested by
7	ui-promotions.betonline.ag	promotions.betonline.ag
4	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com promotions.betonline.ag
4	www.betonline.ag	promotions.betonline.ag duried.com www.betonline.ag
4	promotions.betonline.ag	duried.com promotions.betonline.ag
2	api.xtremepush.com	src.webpu.sh
2	region1.google-analytics.com	www.googletagmanager.com
2	pixel.sitescout.com	promotions.betonline.ag
2	pixel-a.basis.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	eu-api-visit.kameleoon.eu	gk2c59ma3x.kameleoon.eu
2	www.googletagmanager.com	promotions.betonline.ag www.googletagmanager.com
2	cdn.jsdelivr.net	promotions.betonline.ag
1	www.google.de	promotions.betonline.ag
1	www.google.com	promotions.betonline.ag
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	src.webpu.sh	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	eu-api-tracker.kameleoon.eu	gk2c59ma3x.kameleoon.eu
1	maxcdn.bootstrapcdn.com	promotions.betonline.ag
1	ajax.googleapis.com	promotions.betonline.ag
1	fonts.googleapis.com	promotions.betonline.ag
1	gk2c59ma3x.kameleoon.eu	promotions.betonline.ag
1	record.commissionkings.ag	1 redirects
1	duried.com
0	acuityplatform.com Failed	promotions.betonline.ag
47	27

This site contains links to these domains. Also see Links.

Domain
betonline.ag
help.betonline.ag

Subject Issuer	Validity	Valid
*.duried.com GTS CA 1P5	`2022-12-16` - `2023-03-16`	3 months	crt.sh
*.betonline.ag AlphaSSL CA - SHA256 - G2	`2022-01-10` - `2023-02-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
kameleoon.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-05-21`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
webpu.sh R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.xtremepush.com Go Daddy Secure Certificate Authority - G2	`2022-08-26` - `2023-09-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Frame ID: 9A22E620409AAD46FD4DC272BC442D87
Requests: 36 HTTP requests in this frame

Frame: https://www.betonline.ag/kameleoon-iframe.html
Frame ID: 3EC7D6EBE064AB421A950C14DA98F6EA
Requests: 1 HTTP requests in this frame

Frame: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Frame ID: F479E1AB6952950BE1D45D84FA4443AE
Requests: 3 HTTP requests in this frame

Frame: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Frame ID: 37EEB54F2252E1311687EE433E606713
Requests: 3 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0781271DB3146D639FE3DFD540A49291
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
Frame ID: EA58385A857F6CE91800998AB538FE52
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: CE213BF5E9A740EC792FB86546AFA461
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BetOnline Sportsbook – Multi Sports Welcome Bonus

Page URL History Show full URLs

https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9... Page URL
https://record.commissionkings.ag/_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk/4/?s2s.req_id=1671327036100010TUSTV4362650... HTTP 301
https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

47
Requests

96 %
HTTPS

52 %
IPv6

19
Domains

27
Subdomains

23
IPs

5
Countries

924 kB
Transfer

2039 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://betonline.ag/join?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Search URL Search Domain Scan URL

URL: https://help.betonline.ag/knowledge-base/betonline-rules/?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Title: General Rules

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0 Page URL
https://record.commissionkings.ag/_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk/4/?s2s.req_id=1671327036100010TUSTV436265037144V0 HTTP 301
https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 29

https://pixel-a.basis.net/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553 HTTP 301
https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ngo.html
duried.com/prod/ 626 B
1 KB 414ms
156ms Document
text/html 2606:4700:3037::6815:50c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:50c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 77c161943aa4bb35-FRA
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 16:05:41 GMT
expires: Mon, 19 Dec 2022 17:05:41 GMT
last-modified: Tue, 12 Apr 2022 06:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS0A7dpVCA%2Bv23fcrSCwnKWylFZ4VVSSilJQb33J5UNJ48z3nxxSN8PF5PFt3s%2F3ugffE0cJ3vHKOhQIiHHuUqy%2FzM%2F1DC05fHBUUCKVwBkPhJQDG6RjlSELjm%2FqUyh7n2O5RJunyWyV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-goog-generation: 1649745940341770
x-goog-hash: crc32c=+jeBsA== md5=dl7RxfSqF7bBsUuXyu69Eg==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 626
x-guploader-uploadid: ADPycdt4Xlqpa_2zkxOBzc3_ea2kry_1trJpd5eU955dKJeLjcnHTfaL9Xc8JmjOJJ10sRkIk8A8Y3s-WI7SBVaesVwq6cfkB5is

GET
H2

200

Primary Request multisports-lp Show response
promotions.betonline.ag/
Redirect Chain

https://record.commissionkings.ag/_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk/4/?s2s.req_id=1671327036100010TUSTV436265037144V0
https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

17 KB
6 KB

867ms
806ms

Document
text/html

104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Requested by: Host: duried.com
URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6368bebb529f73a57058fefcc52a9c8a94d94214b5aabeb5068e31f67e33b80

Request headers

Referer: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 77c1619708fb6961-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 16:05:42 GMT
server: cloudflare

Redirect headers

access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate Cache-Control: no-cache
cf-cache-status: BYPASS
cf-ray: 77c161961f9d9be8-FRA
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 16:05:41 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ZBan

GET
H2 200 kameleoon.js Show response
gk2c59ma3x.kameleoon.eu/ 205 KB
50 KB 177ms
123ms Script
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gk2c59ma3x.kameleoon.eu/kameleoon.js

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38c4d658c5f882901cb529cd8d89ec61ed8fb2a573a423744660bf3f764810bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains; preload
x-content-type-options: : nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Dec 2022 19:49:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"639b7a58-33419"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=198KYaCau90Rao2uw44Col69st2hZ%2BywkUjuLiBe1zf453HvKdivOAdqCQYqgmay8GncHBk7NCOcVQF4E12Bj9r51Wdw5CS9JIBkB9uxNmz50l226dYOykqSaPydkQOqOkaC5981WJQmfae4F3Ly8%2BYtrxts"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=5400
cf-ray: 77c1619c780968e5-FRA
expires: Mon, 19 Dec 2022 17:35:42 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 64ms
23ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.betonline.ag/
Origin: https://promotions.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20268097
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA, cache-itm18849-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuAHQCzUKLWof3CUPnKoMQCwb6PWtTjf0U5t7twCOCuEgjuu47KMWXvuDRWBwgFkUq%2BxwSxCcBYYREFl49zFM%2FGppaFK%2Fv3KfdIsm%2FtrJpXrn25GzfN4ZdjtgrH%2FPhuYpQb9MCvCvFeWwnfwtD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77c1619c6f879b2b-FRA

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 196ms
77ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;800&display=swap

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d9ed62d92ac01fa431acaf0f07c8dd56ce2bc396047690a8de25612865f9ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:00:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:05:42 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 129ms
37ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:25:28 GMT
x-content-type-options: nosniff
age: 31214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 07:25:28 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 73ms
37ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 15497800
cdn-cachedat: 2021-08-01 19:19:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6923066369371d6997c92d232b1a01f3
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77c1619c6edcbba4-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 58 KB
17 KB 65ms
27ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.betonline.ag/
Origin: https://promotions.betonline.ag
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23611432
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA, cache-hhn4078-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew3dTvyiXz%2BhL5STZWSSmakglZB%2BDv0krPIZs07sKWQYZ7JD6q%2FePvfaejxkHZ9S37KrhStM7DKbSiWELij26ZPrpATc5UGsrrJT0BZWpbBpD1RWCzvK0hjlUIfTd%2F8NVpl1oxKLf89%2FuEgJWi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77c1619c6f889b2b-FRA

GET
H2 200 landingPageGeneral.js Show response
ui-promotions.betonline.ag/js/default/ 2 KB
1007 B 125ms
79ms Script
text/javascript 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui-promotions.betonline.ag/js/default/landingPageGeneral.js
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2d2e79993a3de19571fb6dcbb31e40b084f4d2836b8486c3a8c10c5e47017422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 5964
cf-polished: origSize=2690
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Tue, 22 Mar 2016 00:00:04 GMT
server: cloudflare
etag: W/"05a58c9cd83d11:0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
cf-ray: 77c1619c7dc66961-FRA
expires: Mon, 19 Dec 2022 17:05:42 GMT

GET
H2 200 betonline-white-svg.svg
ui-promotions.betonline.ag/images/promotions/ 3 KB
2 KB 73ms
72ms Image
image/svg+xml 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-promotions.betonline.ag/images/promotions/betonline-white-svg.svg
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bef89e183ed527038690e7813e84db47b11618aeeca0dc1bf72017ee8c8511cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 15:19:46 GMT
server: cloudflare
age: 5963
etag: W/"b9b35c8359ad51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
cf-ray: 77c1619d68046961-FRA
expires: Mon, 19 Dec 2022 17:05:42 GMT

GET
H2 200 CK_BOL_WK44_22_AQC_1920x720_46266_Sports.jpg
ui-promotions.betonline.ag/images/2022/WK44/ 218 KB
219 KB 722ms
722ms Image
image/jpeg 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-promotions.betonline.ag/images/2022/WK44/CK_BOL_WK44_22_AQC_1920x720_46266_Sports.jpg
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b56c1320d4cc93b832ecc411ed8716889338ff3b4e2db61cd24bad5ac3e48d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=234454, status=webp_bigger
x-powered-by: ASP.NET
content-length: 223544
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Nov 2022 20:57:10 GMT
server: cloudflare
etag: "ca90998234eed81:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 77c1619d98636961-FRA
expires: Mon, 19 Dec 2022 17:05:43 GMT

GET
H2 200 CK_BOL_WK44_22_AQC_800x800_46266_Sports.jpg
ui-promotions.betonline.ag/images/2022/WK44/ 158 KB
158 KB 843ms
842ms Image
image/jpeg 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-promotions.betonline.ag/images/2022/WK44/CK_BOL_WK44_22_AQC_800x800_46266_Sports.jpg
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5157a4378a9eeadd1dd7cba644fc11839f88ba998eebfa8897517afd279e0a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=170201, status=webp_bigger
x-powered-by: ASP.NET
content-length: 161605
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Nov 2022 20:57:10 GMT
server: cloudflare
etag: "c9d1ea8234eed81:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 77c1619db8bd6961-FRA
expires: Mon, 19 Dec 2022 17:05:43 GMT

GET
H2 200 Trusted_Icon.svg
ui-promotions.betonline.ag/images/promotions/ 1 KB
719 B 825ms
823ms Image
image/svg+xml 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-promotions.betonline.ag/images/promotions/Trusted_Icon.svg
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fc3c6df4bc9c8b3a669c009ddfd7e5f83e548f5b883e91d859ee95f55d02f66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Oct 2021 21:51:01 GMT
server: cloudflare
etag: W/"a01716bdc5c6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
cf-ray: 77c1619db8c06961-FRA
expires: Mon, 19 Dec 2022 17:05:43 GMT

GET
H2 200 A-Rating_Icon.svg
ui-promotions.betonline.ag/images/promotions/ 2 KB
1014 B 724ms
723ms Image
image/svg+xml 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-promotions.betonline.ag/images/promotions/A-Rating_Icon.svg
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f3aa949749ab073280e997d23788bcd21678cbfcf95540c149c448ab60d9a66d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Oct 2021 21:51:00 GMT
server: cloudflare
etag: W/"ae9fc8bcc5c6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
cf-ray: 77c1619db8c26961-FRA
expires: Mon, 19 Dec 2022 17:05:43 GMT

GET
H2 200 Fastestpayouts_Icon.svg
ui-promotions.betonline.ag/images/promotions/ 2 KB
1 KB 724ms
723ms Image
image/svg+xml 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ui-promotions.betonline.ag/images/promotions/Fastestpayouts_Icon.svg
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7d8aefe26ba01e39daef1dcb5eab01bc7c79de5adb8eb33593b5828e18161de3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Oct 2021 21:51:01 GMT
server: cloudflare
etag: W/"2b8864bdc5c6d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://promotions.betonline.ag
cache-control: public, max-age=3600
cf-ray: 77c1619db8c46961-FRA
expires: Mon, 19 Dec 2022 17:05:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
76 KB 188ms
72ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd78daa67278e55db4fdc3d4a01aede42eb17350a56d47f9fd8e52637541df32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77512
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 16:05:42 GMT

GET
H2 200 kameleoon-iframe.html Show response
www.betonline.ag/ Frame 3EC7 13 KB
3 KB 300ms
284ms Document
text/html 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/kameleoon-iframe.html
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d978f6a2ea490819cbe73e79e07b3c59d0523a4b7fb0f798a73cdfde0b74a05d

Request headers

Referer: https://promotions.betonline.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 77c1619c7dde6961-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 16:05:42 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 invisible.js Show response
promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame F479 36 KB
15 KB 24ms
23ms Script
application/javascript 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Requested by: Host: duried.com
URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3845c759b473e2e3933b49c893a158a9968acf9a857ac166859d7e8c9a827a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77c1619dd8fd6961-FRA

GET
H2 200 pica.js
promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/ Frame F479 19 KB
8 KB 35ms
35ms Other
application/javascript 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f259911fbbff164bc68cab7b82a2087543219cef476014af0c746b953c5a76c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77c1619e098f6961-FRA

POST
H/1.1 204
No Content events Show response
eu-api-visit.kameleoon.eu/ 0
480 B 57ms
11ms XHR
text/plain 94.130.68.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-api-visit.kameleoon.eu/events?siteCode=gk2c59ma3x&visitorCode=pcr5bqfg2u2taf7g

Requested by

Host: gk2c59ma3x.kameleoon.eu
URL: https://gk2c59ma3x.kameleoon.eu/kameleoon.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.130.68.8 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

eu-log-parser03.kameleoon.net

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://promotions.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 19 Dec 2022 16:05:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Server: nginx/1.20.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: user-agent,kameleoon-client

GET
H/1.1 204
No Content ip.gif Show response
eu-api-tracker.kameleoon.eu/ 0
198 B 56ms
11ms XHR
text/plain 88.99.165.86
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-api-tracker.kameleoon.eu/ip.gif
Requested by: Host: gk2c59ma3x.kameleoon.eu
URL: https://gk2c59ma3x.kameleoon.eu/kameleoon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.165.86 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu-log-parser01.kameleoon.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 19 Dec 2022 16:05:42 GMT
Access-Control-Expose-Headers: ip
Server: nginx/1.20.1
Connection: keep-alive
ip: 185.213.155.166

GET
H2 200 invisible.js Show response
www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 37EE 35 KB
15 KB 35ms
35ms Script
application/javascript 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Requested by: Host: duried.com
URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c432c86b61bba5b861f9b6d47ffcd42c7812a6c1a65337520ae577ba9ab34a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77c1619ebaf76961-FRA

GET
H2 200 pica.js
www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/ Frame 37EE 20 KB
8 KB 33ms
33ms Other
application/javascript 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462636e3eb1583d6aa8982657f0bdbd28f2379734b448e2cb1da36a7bfc825a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:42 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77c1619efbb96961-FRA

GET
H2 200 hotjar-2115245.js Show response
static.hotjar.com/c/ 13 KB
5 KB 112ms
39ms Script
application/javascript 99.86.240.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2115245.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-124.vie50.r.cloudfront.net

Software

Resource Hash

bd3d60250df09a7330cb86b0ceea0232220f3f0d29e570efc76a9cebda1613dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 16:04:46 GMT
via: 1.1 f39b904b3d29bdb5e473689299f6dedc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 57
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/cf4e0ab87e706f3de6e38b9fd2eaf9a8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: HRTbBLq2tZGCHiR44M5tITM6TxtxGnvK6Dgr4RC6xTu0RsE3zQF2OA==

GET
H/1.1 200
OK sdk.js Show response
src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/ 172 KB
37 KB 172ms
80ms Script
text/javascript 34.250.29.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.29.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-29-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f64b4bc8d1ec0c1ffb84fdd17acca08ac80af33f0c9c9964175e18c484f83424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 14:45:19 GMT
x-amz-request-id: 10JHREKVQJ8VF8Z8
ETag: W/"791283869d56dd1f5855bbe1fb6b9a6a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Connection: keep-alive
x-amz-id-2: 2uOWerKyx19r2fDB1v4MIUgL221CdcenzaX82ySvkoieAGZvd3GalXEslk/p5rhYrzWvc4k1wIw=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 15:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2466
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 17:24:37 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 131ms
107ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1431978&mt_adid=209502&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 254 34fcae8 master iad-pixel-x11 config:1.0.0 /
Resource Hash: 69640c24d28fcea8a4c9cae68d18f1b7587866dcab500520516e76a5b29ee815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Server: MT3 254 34fcae8 master iad-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1493
Expires: Mon, 19 Dec 2022 16:05:42 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0781
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

43ms
14ms

Document
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 19 Dec 2022 16:05:42 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
75 KB 75ms
74ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4455bee0fea9a90f2d12b3e103d3129e1dbdc179a9f504c2d4185b18860eceef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 16:05:43 GMT

GET 6516535879176609792
acuityplatform.com/Adserver/pxl/ 0
0

GET
H2

500

dd731635ddce362e
pixel.sitescout.com/up/
Redirect Chain

https://pixel-a.basis.net/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553

0
0

14ms
14ms

Image
text/html

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: H2
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

location: https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
content-length: 0

POST
H2 200 77c1619708fb6961 Show response
promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F479 2 B
367 B 125ms
124ms XHR
text/plain 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/77c1619708fb6961
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
content-encoding: br
server: cloudflare
cf-ray: 77c161a169ee6961-FRA
content-type: text/plain; charset=UTF-8

POST
H2 200 77c1619c7dde6961 Show response
www.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 37EE 2 B
356 B 60ms
59ms XHR
text/plain 104.17.64.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/77c1619c7dde6961
Requested by: Host: www.betonline.ag
URL: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 16:05:43 GMT
content-encoding: br
server: cloudflare
cf-ray: 77c161a29cf96961-FRA
content-type: text/plain; charset=UTF-8

POST
H/1.1 204
No Content events Show response
eu-api-visit.kameleoon.eu/ 0
480 B 11ms
11ms XHR
text/plain 94.130.68.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-api-visit.kameleoon.eu/events?siteCode=gk2c59ma3x&visitorCode=pcr5bqfg2u2taf7g

Requested by

Host: gk2c59ma3x.kameleoon.eu
URL: https://gk2c59ma3x.kameleoon.eu/kameleoon.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.130.68.8 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

eu-log-parser03.kameleoon.net

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://promotions.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Server: nginx/1.20.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: user-agent,kameleoon-client

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame EA58 713 B
1 KB 104ms
104ms Document
text/html 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1431978&mt_adid=209502&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 254 34fcae8 master iad-pixel-x22 config:1.0.0 /
Resource Hash: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer: https://promotions.betonline.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 713
Content-Type: text/html
Date: Mon, 19 Dec 2022 16:05:43 GMT
Expires: Mon, 19 Dec 2022 16:05:42 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 254 34fcae8 master iad-pixel-x22 config:1.0.0

GET
H2 200 modules.bc1117deb4413903e9ac.js Show response
script.hotjar.com/ 264 KB
68 KB 39ms
7ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc1117deb4413903e9ac.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2115245.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 287737
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68859
last-modified: Fri, 16 Dec 2022 08:09:37 GMT
etag: "f13ff1e59c6576e6eab8ec5da41ce435"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5HUu_p3KmjfYQ7JsQaBS2D9ElvKkQGFVcRP2meoHwnaBjqfU5gSNtA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 116ms
43ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1975967769&t=pageview&_s=1&dl=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553&ul=en-us&de=UTF-8&dt=BetOnline%20Sportsbook%20%E2%80%93%20Multi%20Sports%20Welcome%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=735174075&gjid=821977565&cid=1895992229.1671465943&tid=UA-139709338-1&_gid=165847892.1671465943&_r=1&gtm=2wgbu0WQHV4BL&z=477979994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 125ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KC6V6402HY&gtm=2oebu0&_p=1975967769&cid=1895992229.1671465943&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671465943&sct=1&seg=0&dl=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553&dt=BetOnline%20Sportsbook%20%E2%80%93%20Multi%20Sports%20Welcome%20Bonus&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:05:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
479 B 110ms
97ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 254 34fcae8 master iad-pixel-x4 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Server: MT3 254 34fcae8 master iad-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 19 Dec 2022 16:05:42 GMT

POST
H/1.1 200
OK deviceCreate Show response
api.xtremepush.com/push/api/ 227 B
920 B 395ms
280ms XHR
application/json 54.171.47.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xtremepush.com/push/api/deviceCreate

Requested by

Host: src.webpu.sh
URL: https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.47.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-47-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a13a914ab060982b67630fc3e44c636510bdb66ffc5e4bceb2c185186272a108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://promotions.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://promotions.betonline.ag
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-XSS-Protection: 1; mode=block

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame CE21 2 KB
1 KB 38ms
7ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2115245.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://promotions.betonline.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2256937
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id: Vc3C90Q8Ympk6cCoLYIB358exPeStnmQ23XDdctyUDIb-lxtkOwNkg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame EA58 0
480 B 102ms
102ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 254 34fcae8 master iad-pixel-x25 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Server: MT3 254 34fcae8 master iad-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 19 Dec 2022 16:05:42 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-139709338-1&cid=1895992229.1671465943&jid=735174075&gjid=821977565&_gid=165847892.1671465943&_u=YEBAAEAAAAAAACAAI~&z=1318028715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 209ms
82ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-139709338-1&cid=1895992229.1671465943&jid=735174075&_u=YEBAAEAAAAAAACAAI~&z=611875764

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 148ms
62ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-139709338-1&cid=1895992229.1671465943&jid=735174075&_u=YEBAAEAAAAAAACAAI~&z=611875764

Requested by

Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK deviceUpdate Show response
api.xtremepush.com/push/api/ 68 B
490 B 28ms
28ms XHR
application/json 54.171.47.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xtremepush.com/push/api/deviceUpdate
Requested by: Host: src.webpu.sh
URL: https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.47.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-47-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f

Request headers

Accept: application/json
Referer: https://promotions.betonline.ag/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 19 Dec 2022 16:05:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: https://promotions.betonline.ag
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 97ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KC6V6402HY&gtm=2oebu0&_p=1975967769&cid=1895992229.1671465943&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671465943&sct=1&seg=0&dl=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553&dt=BetOnline%20Sportsbook%20%E2%80%93%20Multi%20Sports%20Welcome%20Bonus&en=scroll&epn.percent_scrolled=90&_et=15
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.betonline.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:05:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betonline.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: acuityplatform.com
URL: https://acuityplatform.com/Adserver/pxl/6516535879176609792

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
record.commissionkings.ag/	1970-01-20 17:03:21	Name: VID1 Value: KSxTQFMsUzhQLjM4VQpgCg%3D%3D
.commissionkings.ag/	1970-01-20 17:03:21	Name: ZBan Value: BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk
promotions.betonline.ag/	1969-12-31 23:59:59	Name: server_persistent Value: !0YoEi6V+SkKRz06KJcby5Il79pzHse36M+P+PIuJwbmjdAWeu0Xb5dk7gm5yPOZBVZHNwIDkHY+KD0U=
.betonline.ag/	1970-01-20 10:27:21	Name: CT.CONTENT.NA.STATUS Value: 1
.betonline.ag/	1970-01-20 10:27:21	Name: PreviousUrlNav Value: %2Fkameleoon-iframe.html
.betonline.ag/	1969-12-31 23:59:59	Name: __cfruid Value: 7fc14cc458b43a15772fb9080b9943dadffbb94d-1671465942
.betonline.ag/	1970-01-20 17:03:21	Name: kameleoonVisitorCode Value: _js_pcr5bqfg2u2taf7g
.mathtag.com/	1970-01-20 17:43:41	Name: uuid Value: afb963a0-8bd7-4000-a45e-4cd7560737de
.betonline.ag/	1970-01-20 08:19:12	Name: _gid Value: GA1.2.165847892.1671465943
.betonline.ag/	1970-01-20 08:17:46	Name: _gat_UA-139709338-1 Value: 1
.betonline.ag/	1970-01-20 17:53:45	Name: _ga_KC6V6402HY Value: GS1.1.1671465943.1.0.1671465943.0.0.0
.betonline.ag/	1970-01-20 17:53:45	Name: _ga Value: GA1.1.1895992229.1671465943
.betonline.ag/	1970-01-20 17:03:21	Name: _hjSessionUser_2115245 Value: eyJpZCI6Ijg1OGUxODk1LWQzODgtNTE2Yi1hMDY3LWM0ZjFhODU4YWE0MCIsImNyZWF0ZWQiOjE2NzE0NjU5NDM1NzcsImV4aXN0aW5nIjpmYWxzZX0=
.betonline.ag/	1970-01-20 08:17:47	Name: _hjFirstSeen Value: 1
promotions.betonline.ag/	1970-01-20 08:17:46	Name: _hjIncludedInSessionSample Value: 0
.betonline.ag/	1970-01-20 08:17:47	Name: _hjSession_2115245 Value: eyJpZCI6ImRjNzlmNGU5LTE1NTYtNDMyZC1iODNkLTE2ZmQ4NGI5MWQwYyIsImNyZWF0ZWQiOjE2NzE0NjU5NDM2MTMsImluU2FtcGxlIjpmYWxzZX0=
.betonline.ag/	1970-01-20 08:17:47	Name: _hjAbsoluteSessionInProgress Value: 0
.mathtag.com/	1970-01-20 09:00:57	Name: mt_misc Value: mt_bt:1
.betonline.ag/	1970-01-20 12:36:57	Name: _xpid Value: 947896285
.betonline.ag/	1970-01-20 12:36:57	Name: _xpkey Value: hYC1h0ZX1cTKsLJxkO-3mA8gHRdgebl8
promotions.betonline.ag/	1969-12-31 23:59:59	Name: f5avr0430962816aaaaaaaaaaaaaaaa_cspm_ Value: KMLONFMCBMKNGDADNAPHNFCFOPGECDIHHMALOLGKOELMCEPHIKBANOKJFKJBBJIHGGGCCOKGJMKOJAJPCCJALPLHANHOIMJEGHFFGDCFKOFIMIMKACILPANIDPDKDOMG
.betonline.ag/	1970-01-20 08:17:47	Name: __cf_bm Value: oIGU1CkG50thdFkRLgIgYd3t3A2Rs9Q0BBFjyGmDU2w-1671465944-0-AeZsXXTQv7ku/nmE5yP1biwGTVSu16Dno7dI70eacrzniLfeji/vIZISJFDOydAxGLqBf+14ZIrqV6kSoqfqxQQ=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://acuityplatform.com/Adserver/pxl/6516535879176609792 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	Message: A bad HTTP response code (403) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acuityplatform.com
ajax.googleapis.com
api.xtremepush.com
cdn.jsdelivr.net
duried.com
eu-api-tracker.kameleoon.eu
eu-api-visit.kameleoon.eu
fonts.googleapis.com
gk2c59ma3x.kameleoon.eu
maxcdn.bootstrapcdn.com
pixel-a.basis.net
pixel.mathtag.com
pixel.sitescout.com
promotions.betonline.ag
record.commissionkings.ag
region1.google-analytics.com
script.hotjar.com
src.webpu.sh
static.hotjar.com
stats.g.doubleclick.net
ui-promotions.betonline.ag
vars.hotjar.com
www.betonline.ag
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
acuityplatform.com
104.17.64.19
104.18.190.136
18.66.147.113
184.30.20.207
2001:4860:4802:32::36
2606:4700:20::681a:a1e
2606:4700:3037::6815:50c5
2606:4700::6810:5514
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c07::9b
2a00:1450:400d:803::2008
2a00:1450:400d:804::200a
2a00:1450:400d:80a::2004
34.250.29.153
52.222.236.122
54.171.47.45
88.99.165.86
94.130.68.8
98.98.134.241
99.86.240.124
1d9ed62d92ac01fa431acaf0f07c8dd56ce2bc396047690a8de25612865f9ce0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d2e79993a3de19571fb6dcbb31e40b084f4d2836b8486c3a8c10c5e47017422
33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f
38c4d658c5f882901cb529cd8d89ec61ed8fb2a573a423744660bf3f764810bf
4455bee0fea9a90f2d12b3e103d3129e1dbdc179a9f504c2d4185b18860eceef
462636e3eb1583d6aa8982657f0bdbd28f2379734b448e2cb1da36a7bfc825a4
5157a4378a9eeadd1dd7cba644fc11839f88ba998eebfa8897517afd279e0a35
53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
69640c24d28fcea8a4c9cae68d18f1b7587866dcab500520516e76a5b29ee815
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
7d8aefe26ba01e39daef1dcb5eab01bc7c79de5adb8eb33593b5828e18161de3
7f259911fbbff164bc68cab7b82a2087543219cef476014af0c746b953c5a76c
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fc3c6df4bc9c8b3a669c009ddfd7e5f83e548f5b883e91d859ee95f55d02f66
9c432c86b61bba5b861f9b6d47ffcd42c7812a6c1a65337520ae577ba9ab34a5
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a13a914ab060982b67630fc3e44c636510bdb66ffc5e4bceb2c185186272a108
b3845c759b473e2e3933b49c893a158a9968acf9a857ac166859d7e8c9a827a8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b56c1320d4cc93b832ecc411ed8716889338ff3b4e2db61cd24bad5ac3e48d34
bd3d60250df09a7330cb86b0ceea0232220f3f0d29e570efc76a9cebda1613dc
bef89e183ed527038690e7813e84db47b11618aeeca0dc1bf72017ee8c8511cc
c6368bebb529f73a57058fefcc52a9c8a94d94214b5aabeb5068e31f67e33b80
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd78daa67278e55db4fdc3d4a01aede42eb17350a56d47f9fd8e52637541df32
d978f6a2ea490819cbe73e79e07b3c59d0523a4b7fb0f798a73cdfde0b74a05d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3aa949749ab073280e997d23788bcd21678cbfcf95540c149c448ab60d9a66d
f64b4bc8d1ec0c1ffb84fdd17acca08ac80af33f0c9c9964175e18c484f83424
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

promotions.betonline.ag Open in urlscan Pro 104.17.64.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

52 %IPv6

19 Domains

27 Subdomains

23 IPs

5 Countries

924 kBTransfer

2039 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promotions.betonline.ag Open in urlscan Pro
104.17.64.19 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

52 %
IPv6

19
Domains

27
Subdomains

23
IPs

5
Countries

924 kB
Transfer

2039 kB
Size

22
Cookies

47 HTTP transactions
0 data transactions