Submitted URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4...
Effective URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Submission: On December 19 via manual from US — Scanned from DE

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 47 HTTP transactions. The main IP is 104.17.64.19, located in and belongs to CLOUDFLARENET, US. The main domain is promotions.betonline.ag. The Cisco Umbrella rank of the primary domain is 304942.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on January 10th 2022. Valid for: a year.
This is the only time promotions.betonline.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains (Cisco Umbrella Rank) | Transfer |
|---|---|---|---|
| 15 | betonline.ag | promotions.betonline.ag (304942); ui-promotions.betonline.ag (437587); www.betonline.ag (251765) | 438 KB |
| 4 | mathtag.com | pixel.mathtag.com (904) | 4 KB |
| 4 | google-analytics.com | www.google-analytics.com (29); region1.google-analytics.com (2623) | 20 KB |
| 4 | kameleoon.eu | gk2c59ma3x.kameleoon.eu (299300); eu-api-visit.kameleoon.eu (20448); eu-api-tracker.kameleoon.eu (21624) | 51 KB |
| 3 | hotjar.com | static.hotjar.com (643); script.hotjar.com (811); vars.hotjar.com (936) | 75 KB |
| 2 | xtremepush.com | api.xtremepush.com (24368) | 1 KB |
| 2 | sitescout.com | pixel.sitescout.com (3532) | |
| 2 | basis.net | pixel-a.basis.net (19206) | 255 B |
| 2 | googletagmanager.com | www.googletagmanager.com (51) | 152 KB |
| 2 | googleapis.com | fonts.googleapis.com (37); ajax.googleapis.com (304) | 89 KB |
| 2 | jsdelivr.net | cdn.jsdelivr.net (381) | 43 KB |
| 1 | google.de | www.google.de (6041) | 501 B |
| 1 | google.com | www.google.com (2) | 501 B |
| 1 | doubleclick.net | stats.g.doubleclick.net (77) | 447 B |
| 1 | webpu.sh | src.webpu.sh (111551) | 37 KB |
| 1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (757) | 12 KB |
| 1 | commissionkings.ag | record.commissionkings.ag (220316) | 527 B |
| 1 | duried.com | duried.com | 1 KB |
| 0 | acuityplatform.com (Failed) | acuityplatform.com (Failed) | |
| 47 | 19 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 7 | ui-promotions.betonline.ag | promotions.betonline.ag |
| 4 | pixel.mathtag.com | www.googletagmanager.com; pixel.mathtag.com; promotions.betonline.ag |
| 4 | www.betonline.ag | promotions.betonline.ag; duried.com; www.betonline.ag |
| 4 | promotions.betonline.ag | duried.com; promotions.betonline.ag |
| 2 | api.xtremepush.com | src.webpu.sh |
| 2 | region1.google-analytics.com | www.googletagmanager.com |
| 2 | pixel.sitescout.com | promotions.betonline.ag |
| 2 | pixel-a.basis.net | 2 redirects |
| 2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com |
| 2 | eu-api-visit.kameleoon.eu | gk2c59ma3x.kameleoon.eu |
| 2 | www.googletagmanager.com | promotions.betonline.ag; www.googletagmanager.com |
| 2 | cdn.jsdelivr.net | promotions.betonline.ag |
| 1 | www.google.de | promotions.betonline.ag |
| 1 | www.google.com | promotions.betonline.ag |
| 1 | stats.g.doubleclick.net | www.google-analytics.com |
| 1 | vars.hotjar.com | static.hotjar.com |
| 1 | script.hotjar.com | static.hotjar.com |
| 1 | src.webpu.sh | www.googletagmanager.com |
| 1 | static.hotjar.com | www.googletagmanager.com |
| 1 | eu-api-tracker.kameleoon.eu | gk2c59ma3x.kameleoon.eu |
| 1 | maxcdn.bootstrapcdn.com | promotions.betonline.ag |
| 1 | ajax.googleapis.com | promotions.betonline.ag |
| 1 | fonts.googleapis.com | promotions.betonline.ag |
| 1 | gk2c59ma3x.kameleoon.eu | promotions.betonline.ag |
| 1 | record.commissionkings.ag | 1 redirects |
| 1 | duried.com | |
| 0 | acuityplatform.com (Failed) | promotions.betonline.ag |
| 47 | 27 | |

This site contains links to these domains.

Domain
betonline.ag
help.betonline.ag
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.duried.com | GTS CA 1P5 | 2022-12-16 - 2023-03-16 | 3 months |
| *.betonline.ag | AlphaSSL CA - SHA256 - G2 | 2022-01-10 - 2023-02-11 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-31 - 2023-05-31 | a year |
| upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
| kameleoon.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-20 - 2023-05-21 | a year |
| *.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year |
| webpu.sh | R3 | 2022-10-28 - 2023-01-26 | 3 months |
| pixel.mathtag.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-05 - 2023-07-05 | a year |
| *.sitescout.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-15 - 2023-01-15 | a year |
| *.xtremepush.com | Go Daddy Secure Certificate Authority - G2 | 2022-08-26 - 2023-09-03 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
| www.google.de | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |

This page contains 7 frames:

Primary Page: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Frame ID: 9A22E620409AAD46FD4DC272BC442D87
Requests: 36 HTTP requests in this frame

Frame: https://www.betonline.ag/kameleoon-iframe.html
Frame ID: 3EC7D6EBE064AB421A950C14DA98F6EA
Requests: 1 HTTP requests in this frame

Frame: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Frame ID: F479E1AB6952950BE1D45D84FA4443AE
Requests: 3 HTTP requests in this frame

Frame: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Frame ID: 37EEB54F2252E1311687EE433E606713
Requests: 3 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0781271DB3146D639FE3DFD540A49291
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
Frame ID: EA58385A857F6CE91800998AB538FE52
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: CE213BF5E9A740EC792FB86546AFA461
Requests: 1 HTTP requests in this frame

Page Title

BetOnline Sportsbook – Multi Sports Welcome Bonus

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 47
HTTPS: 96 %
IPv6: 52 %
Domains: 19
Subdomains: 27
IPs: 23
Countries: 5
Transfer: 924 kB
Size: 2039 kB
Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0 Page URL
  2. https://record.commissionkings.ag/_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk/4/?s2s.req_id=1671327036100010TUSTV436265037144V0 HTTP 301
    https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
  • https://pixel.sitescout.com/dmp/asyncPixelSync
Request Chain 29
  • https://pixel-a.basis.net/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553 HTTP 301
  • https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553

47 HTTP transactions

content-length
77512
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Dec 2022 16:05:42 GMT
kameleoon-iframe.html
www.betonline.ag/ Frame 3EC7
13 KB
3 KB
Document
General
Full URL
https://www.betonline.ag/kameleoon-iframe.html
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d978f6a2ea490819cbe73e79e07b3c59d0523a4b7fb0f798a73cdfde0b74a05d

Request headers

Referer
https://promotions.betonline.ag/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=2592000
cf-cache-status
DYNAMIC
cf-ray
77c1619c7dde6961-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 19 Dec 2022 16:05:42 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express
invisible.js
promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame F479
36 KB
15 KB
Script
General
Full URL
https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Requested by
Host: duried.com
URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3845c759b473e2e3933b49c893a158a9968acf9a857ac166859d7e8c9a827a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:05:42 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77c1619dd8fd6961-FRA
pica.js
promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/ Frame F479
19 KB
8 KB
Other
General
Full URL
https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f259911fbbff164bc68cab7b82a2087543219cef476014af0c746b953c5a76c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:05:42 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77c1619e098f6961-FRA
events
eu-api-visit.kameleoon.eu/
0
480 B
XHR
General
Full URL
https://eu-api-visit.kameleoon.eu/events?siteCode=gk2c59ma3x&visitorCode=pcr5bqfg2u2taf7g
Requested by
Host: gk2c59ma3x.kameleoon.eu
URL: https://gk2c59ma3x.kameleoon.eu/kameleoon.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
94.130.68.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
eu-log-parser03.kameleoon.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://promotions.betonline.ag/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Dec 2022 16:05:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Server
nginx/1.20.1
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
user-agent,kameleoon-client
ip.gif
eu-api-tracker.kameleoon.eu/
0
198 B
XHR
General
Full URL
https://eu-api-tracker.kameleoon.eu/ip.gif
Requested by
Host: gk2c59ma3x.kameleoon.eu
URL: https://gk2c59ma3x.kameleoon.eu/kameleoon.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
88.99.165.86 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
eu-log-parser01.kameleoon.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Dec 2022 16:05:42 GMT
Access-Control-Expose-Headers
ip
Server
nginx/1.20.1
Connection
keep-alive
ip
185.213.155.166
invisible.js
www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 37EE
35 KB
15 KB
Script
General
Full URL
https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Requested by
Host: duried.com
URL: https://duried.com/prod/ngo.html?lu=https%3A%2F%2Frecord.commissionkings.ag%2F_pXwiP9HS4sRontN9MC4McmNd7ZgqdRLk%2F4%2F%3Fs2s.req_id%3D1671327036100010TUSTV436265037144V0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c432c86b61bba5b861f9b6d47ffcd42c7812a6c1a65337520ae577ba9ab34a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:05:42 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77c1619ebaf76961-FRA
pica.js
www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/ Frame 37EE
20 KB
8 KB
Other
General
Full URL
https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462636e3eb1583d6aa8982657f0bdbd28f2379734b448e2cb1da36a7bfc825a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:05:42 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77c1619efbb96961-FRA
hotjar-2115245.js
static.hotjar.com/c/
13 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2115245.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-124.vie50.r.cloudfront.net
Software
/
Resource Hash
bd3d60250df09a7330cb86b0ceea0232220f3f0d29e570efc76a9cebda1613dc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 19 Dec 2022 16:04:46 GMT
via
1.1 f39b904b3d29bdb5e473689299f6dedc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
57
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/cf4e0ab87e706f3de6e38b9fd2eaf9a8
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
HRTbBLq2tZGCHiR44M5tITM6TxtxGnvK6Dgr4RC6xTu0RsE3zQF2OA==
sdk.js
src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/
172 KB
37 KB
Script
General
Full URL
https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.29.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-29-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f64b4bc8d1ec0c1ffb84fdd17acca08ac80af33f0c9c9964175e18c484f83424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 14:45:19 GMT
x-amz-request-id
10JHREKVQJ8VF8Z8
ETag
W/"791283869d56dd1f5855bbe1fb6b9a6a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=21600
Connection
keep-alive
x-amz-id-2
2uOWerKyx19r2fDB1v4MIUgL221CdcenzaX82ySvkoieAGZvd3GalXEslk/p5rhYrzWvc4k1wIw=
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Dec 2022 15:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2466
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 19 Dec 2022 17:24:37 GMT
js
pixel.mathtag.com/event/
1 KB
2 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_id=1431978&mt_adid=209502&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 254 34fcae8 master iad-pixel-x11 config:1.0.0 /
Resource Hash
69640c24d28fcea8a4c9cae68d18f1b7587866dcab500520516e76a5b29ee815

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Server
MT3 254 34fcae8 master iad-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1493
Expires
Mon, 19 Dec 2022 16:05:42 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0781
Redirect Chain
  • https://pixel-a.basis.net/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 19 Dec 2022 16:05:42 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
location
https://pixel.sitescout.com/dmp/asyncPixelSync
js
www.googletagmanager.com/gtag/
218 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQHV4BL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4455bee0fea9a90f2d12b3e103d3129e1dbdc179a9f504c2d4185b18860eceef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:05:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77155
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 19 Dec 2022 16:05:43 GMT
6516535879176609792
acuityplatform.com/Adserver/pxl/
0
0

dd731635ddce362e
pixel.sitescout.com/up/
Redirect Chain
  • https://pixel-a.basis.net/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
  • https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
0
0
Image
General
Full URL
https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

location
https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
content-length
0
77c1619708fb6961
promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F479
2 B
367 B
XHR
General
Full URL
https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/77c1619708fb6961
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Dec 2022 16:05:43 GMT
content-encoding
br
server
cloudflare
cf-ray
77c161a169ee6961-FRA
content-type
text/plain; charset=UTF-8
77c1619c7dde6961
www.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 37EE
2 B
356 B
XHR
General
Full URL
https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/cv/result/77c1619c7dde6961
Requested by
Host: www.betonline.ag
URL: https://www.betonline.ag/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671465600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.64.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Dec 2022 16:05:43 GMT
content-encoding
br
server
cloudflare
cf-ray
77c161a29cf96961-FRA
content-type
text/plain; charset=UTF-8
events
eu-api-visit.kameleoon.eu/
0
480 B
XHR
General
Full URL
https://eu-api-visit.kameleoon.eu/events?siteCode=gk2c59ma3x&visitorCode=pcr5bqfg2u2taf7g
Requested by
Host: gk2c59ma3x.kameleoon.eu
URL: https://gk2c59ma3x.kameleoon.eu/kameleoon.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
94.130.68.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
eu-log-parser03.kameleoon.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://promotions.betonline.ag/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
Server
nginx/1.20.1
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
user-agent,kameleoon-client
iframe
pixel.mathtag.com/sync/ Frame EA58
713 B
1 KB
Document
General
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1431978&mt_adid=209502&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 254 34fcae8 master iad-pixel-x22 config:1.0.0 /
Resource Hash
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer
https://promotions.betonline.ag/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
713
Content-Type
text/html
Date
Mon, 19 Dec 2022 16:05:43 GMT
Expires
Mon, 19 Dec 2022 16:05:42 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 254 34fcae8 master iad-pixel-x22 config:1.0.0
modules.bc1117deb4413903e9ac.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2115245.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 08:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
287737
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68859
last-modified
Fri, 16 Dec 2022 08:09:37 GMT
etag
"f13ff1e59c6576e6eab8ec5da41ce435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5HUu_p3KmjfYQ7JsQaBS2D9ElvKkQGFVcRP2meoHwnaBjqfU5gSNtA==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1975967769&t=pageview&_s=1&dl=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553&ul=en-us&de=UTF-8&dt=BetOnline%20Sportsbook%20%E2%80%93%20Multi%20Sports%20Welcome%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=735174075&gjid=821977565&cid=1895992229.1671465943&tid=UA-139709338-1&_gid=165847892.1671465943&_r=1&gtm=2wgbu0WQHV4BL&z=477979994
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promotions.betonline.ag/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promotions.betonline.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
352 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KC6V6402HY&gtm=2oebu0&_p=1975967769&cid=1895992229.1671465943&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671465943&sct=1&seg=0&dl=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553&dt=BetOnline%20Sportsbook%20%E2%80%93%20Multi%20Sports%20Welcome%20Bonus&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 16:05:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promotions.betonline.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/comp/
0
479 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 254 34fcae8 master iad-pixel-x4 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Server
MT3 254 34fcae8 master iad-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 19 Dec 2022 16:05:42 GMT
deviceCreate
api.xtremepush.com/push/api/
227 B
920 B
XHR
General
Full URL
https://api.xtremepush.com/push/api/deviceCreate
Requested by
Host: src.webpu.sh
URL: https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.47.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-47-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a13a914ab060982b67630fc3e44c636510bdb66ffc5e4bceb2c185186272a108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://promotions.betonline.ag/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://promotions.betonline.ag
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, X-Requested-With
X-XSS-Protection
1; mode=block
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame CE21
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2115245.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-113.fra60.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://promotions.betonline.ag/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2256937
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id
Vc3C90Q8Ympk6cCoLYIB358exPeStnmQ23XDdctyUDIb-lxtkOwNkg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
img
pixel.mathtag.com/comp/ Frame EA58
0
480 B
Image
General
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 254 34fcae8 master iad-pixel-x25 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=afb963a0-8bd7-4000-a45e-4cd7560737de&no_iframe=1&mt_adid=209502&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Server
MT3 254 34fcae8 master iad-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 19 Dec 2022 16:05:42 GMT
collect
stats.g.doubleclick.net/j/
4 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-139709338-1&cid=1895992229.1671465943&jid=735174075&gjid=821977565&_gid=165847892.1671465943&_u=YEBAAEAAAAAAACAAI~&z=1318028715
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promotions.betonline.ag/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promotions.betonline.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-139709338-1&cid=1895992229.1671465943&jid=735174075&_u=YEBAAEAAAAAAACAAI~&z=611875764
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-139709338-1&cid=1895992229.1671465943&jid=735174075&_u=YEBAAEAAAAAAACAAI~&z=611875764
Requested by
Host: promotions.betonline.ag
URL: https://promotions.betonline.ag/multisports-lp?btag=BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk&affid=101553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 16:05:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
deviceUpdate
api.xtremepush.com/push/api/
68 B
490 B
XHR
General
Full URL
https://api.xtremepush.com/push/api/deviceUpdate
Requested by
Host: src.webpu.sh
URL: https://src.webpu.sh/1eWsiALDRXs2l3kEUTuPYzskP24ydMW-/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.47.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-47-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f

Request headers

Accept
application/json
Referer
https://promotions.betonline.ag/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Dec 2022 16:05:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Access-Control-Allow-Origin
https://promotions.betonline.ag
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KC6V6402HY&gtm=2oebu0&_p=1975967769&cid=1895992229.1671465943&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671465943&sct=1&seg=0&dl=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553&dt=BetOnline%20Sportsbook%20%E2%80%93%20Multi%20Sports%20Welcome%20Bonus&en=scroll&epn.percent_scrolled=90&_et=15
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC6V6402HY&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promotions.betonline.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 16:05:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promotions.betonline.ag
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
acuityplatform.com
URL
https://acuityplatform.com/Adserver/pxl/6516535879176609792

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange object| dataLayer number| kameleoonLoadingTimeout object| kameleoonS string| kameleoonCc object| kameleoonStn object| kameleoonQueue number| kameleoonStartLoadTime object| kameleoonDisplayPage number| kameleoonDisplayPageTimeOut object| kameleoonIframeOriginElement function| kameleoonProcessMessageEvent object| iframeNode string| kameleoonIframeURL boolean| kameleoonLightIframe string| kameleoonIframeOrigin function| kbowser object| Kameleoon function| $ function| jQuery number| uidEvent object| bootstrap object| Adp function| addLoadEvent function| getQueryStringByName function| chgAction boolean| kameleoonExternalIFrameLoaded number| kameleoonEndLoadTime object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| hj object| _hjSettings string| XtremePushObject function| xtremepush string| GoogleAnalyticsObject function| ga function| MtBts function| metric object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData object| XPConfig object| XPTranslations function| XPCore function| XPCoreWindow function| XPCoreFrame function| XPStore function| XPStoreDetectPrivateMode function| XPApi function| XPApiRequest function| XPSessionManager function| XPUpdateManager function| XPGaManager function| XPPushManager function| XPPushWebManager function| XPPushSafariManager function| XPWindowManager function| XPFrameManager function| XPNotificationCenter function| XPLocalNotification function| XPPageHelper function| XPPopupMessage function| XPInterface function| XPTranslation function| XPCustomMessageHandler string| XPStyle string| XPPopupStyle object| XPEnvironment object| XPApiInstance object| XPStoreInstance object| XPSessionManagerInstance object| XPUpdateManagerInstance object| XPGaManagerInstance object| XPPushManagerInstance object| 
XPTranslationInstance object| XPNotificationCenterInstance object| XPWindowManagerInstance object| XPFrameManagerInstance object| XPCustomMessageHandlerInstance object| XPPageHelperInstance object| XPCoreInstance object| XPInterfaceInstance function| WebpushSweetalert2 function| WebpushSweetAlert function| WebpushSwal function| webpushSweetAlert function| webpushSwal function| onYouTubeIframeAPIReady function| init function| buildRequestData function| requestStateChanged

22 Cookies

Domain/Path Name / Value
record.commissionkings.ag/ Name: VID1
Value: KSxTQFMsUzhQLjM4VQpgCg%3D%3D
.commissionkings.ag/ Name: ZBan
Value: BQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk
promotions.betonline.ag/ Name: server_persistent
Value: !0YoEi6V+SkKRz06KJcby5Il79pzHse36M+P+PIuJwbmjdAWeu0Xb5dk7gm5yPOZBVZHNwIDkHY+KD0U=
.betonline.ag/ Name: CT.CONTENT.NA.STATUS
Value: 1
.betonline.ag/ Name: PreviousUrlNav
Value: %2Fkameleoon-iframe.html
.betonline.ag/ Name: __cfruid
Value: 7fc14cc458b43a15772fb9080b9943dadffbb94d-1671465942
.betonline.ag/ Name: kameleoonVisitorCode
Value: _js_pcr5bqfg2u2taf7g
.mathtag.com/ Name: uuid
Value: afb963a0-8bd7-4000-a45e-4cd7560737de
.betonline.ag/ Name: _gid
Value: GA1.2.165847892.1671465943
.betonline.ag/ Name: _gat_UA-139709338-1
Value: 1
.betonline.ag/ Name: _ga_KC6V6402HY
Value: GS1.1.1671465943.1.0.1671465943.0.0.0
.betonline.ag/ Name: _ga
Value: GA1.1.1895992229.1671465943
.betonline.ag/ Name: _hjSessionUser_2115245
Value: eyJpZCI6Ijg1OGUxODk1LWQzODgtNTE2Yi1hMDY3LWM0ZjFhODU4YWE0MCIsImNyZWF0ZWQiOjE2NzE0NjU5NDM1NzcsImV4aXN0aW5nIjpmYWxzZX0=
.betonline.ag/ Name: _hjFirstSeen
Value: 1
promotions.betonline.ag/ Name: _hjIncludedInSessionSample
Value: 0
.betonline.ag/ Name: _hjSession_2115245
Value: eyJpZCI6ImRjNzlmNGU5LTE1NTYtNDMyZC1iODNkLTE2ZmQ4NGI5MWQwYyIsImNyZWF0ZWQiOjE2NzE0NjU5NDM2MTMsImluU2FtcGxlIjpmYWxzZX0=
.betonline.ag/ Name: _hjAbsoluteSessionInProgress
Value: 0
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.betonline.ag/ Name: _xpid
Value: 947896285
.betonline.ag/ Name: _xpkey
Value: hYC1h0ZX1cTKsLJxkO-3mA8gHRdgebl8
promotions.betonline.ag/ Name: f5avr0430962816aaaaaaaaaaaaaaaa_cspm_
Value: KMLONFMCBMKNGDADNAPHNFCFOPGECDIHHMALOLGKOELMCEPHIKBANOKJFKJBBJIHGGGCCOKGJMKOJAJPCCJALPLHANHOIMJEGHFFGDCFKOFIMIMKACILPANIDPDKDOMG
.betonline.ag/ Name: __cf_bm
Value: oIGU1CkG50thdFkRLgIgYd3t3A2Rs9Q0BBFjyGmDU2w-1671465944-0-AeZsXXTQv7ku/nmE5yP1biwGTVSu16Dno7dI70eacrzniLfeji/vIZISJFDOydAxGLqBf+14ZIrqV6kSoqfqxQQ=

3 Console Messages

Source Level URL
Text
network error URL: https://acuityplatform.com/Adserver/pxl/6516535879176609792
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pixel.sitescout.com/up/dd731635ddce362e?cntr_url=https%3A%2F%2Fpromotions.betonline.ag%2Fmultisports-lp%3Fbtag%3DBQO7Gqraql2pdkAtiG9Vu2Nd7ZgqdRLk%26affid%3D101553
Message:
Failed to load resource: the server responded with a status of 500 ()
network error
Message:
A bad HTTP response code (403) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
