promotions.betfred.com Open in urlscan Pro
45.60.124.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Effective URL:
https://promotions.betfred.com/
Submission: On October 04 via api (October 4th 2023, 10:44:14 pm UTC) from LU — Scanned from GB

Summary HTTP 108 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 36 domains to perform 108 HTTP transactions. The main IP is 45.60.124.248, located in United States and belongs to INCAPSULA, US. The main domain is promotions.betfred.com. The Cisco Umbrella rank of the primary domain is 137713.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 24th 2023. Valid for: 6 months.

This is the only time promotions.betfred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	139.45.197.155 139.45.197.155	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	18.195.128.171 18.195.128.171	16509 (AMAZON-02) (AMAZON-02)
1 1	18.169.7.0 18.169.7.0	16509 (AMAZON-02) (AMAZON-02)
1 31	45.60.124.248 45.60.124.248	19551 (INCAPSULA) (INCAPSULA)
1	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	54.216.55.98 54.216.55.98	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:7800:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	151.101.192.64 151.101.192.64	54113 (FASTLY) (FASTLY)
4	104.102.33.171 104.102.33.171	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.213.159.54 52.213.159.54	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	35.241.11.19 35.241.11.19	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
4 5	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 4	13.32.27.83 13.32.27.83	() ()
2 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3 5	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4216:f83a:28a1:111d:1bc4	() ()
1	3.121.203.109 3.121.203.109	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.50.95.29 52.50.95.29	() ()
2 2	52.208.23.16 52.208.23.16	() ()
1	34.240.57.208 34.240.57.208	() ()
108	41

16 139.45.197.155 (United Kingdom)

ASN9002 (RETN-AS, GB)

thecoolposts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.128.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-128-171.eu-central-1.compute.amazonaws.com

track.joyful-u.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.7.0 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-7-0.eu-west-2.compute.amazonaws.com

bfpartners.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 45.60.124.248 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

www.betfred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
promotions.betfred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8373518.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.55.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-55-98.eu-west-1.compute.amazonaws.com

c5.adalyser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7800:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.64 (United States)

ASN54113 (FASTLY, US)

cdn.cooladata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.33.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-33-171.deploy.static.akamaitechnologies.com

zz.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.159.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-159-54.eu-west-1.compute.amazonaws.com

content.betfred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.11.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.11.241.35.bc.googleusercontent.com

api.cooladata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.131 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20795173p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.83 (None, ) 4 redirects

ASN- ()

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.90 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:f83a:28a1:111d:1bc4 (None, )

ASN- ()

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.203.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-203-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.95.29 (None, ) 1 redirects

ASN- ()

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.23.16 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.57.208 (None, )

ASN- ()

eum-eu-west-1.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	betfred.com 1 redirects www.betfred.com — Cisco Umbrella Rank: 110323 promotions.betfred.com — Cisco Umbrella Rank: 137713 content.betfred.com — Cisco Umbrella Rank: 169214 loaduk.betfred.com Failed	1 MB
16	thecoolposts.com thecoolposts.com	67 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	72 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com — Cisco Umbrella Rank: 806	4 KB
5	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 719	1 KB
5	rfihub.com 4 redirects 20795173p.rfihub.com — Cisco Umbrella Rank: 209118 p.rfihub.com — Cisco Umbrella Rank: 1417 a.rfihub.com	7 KB
5	doubleclick.net 3 redirects 8373518.fls.doubleclick.net — Cisco Umbrella Rank: 156880 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	2 KB
4	bidr.io 3 redirects segment.prod.bidr.io match.prod.bidr.io	2 KB
4	rezync.com 4 redirects live.rezync.com	3 KB
4	connextra.com zz.connextra.com — Cisco Umbrella Rank: 13273	18 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4075 tr.outbrain.com — Cisco Umbrella Rank: 3583 wave.outbrain.com — Cisco Umbrella Rank: 4002	9 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 691	14 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 6646	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 182 www.google.com — Cisco Umbrella Rank: 11	848 B
2	cooladata.com cdn.cooladata.com — Cisco Umbrella Rank: 75282 api.cooladata.com — Cisco Umbrella Rank: 7229	6 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 1600 analytics.twitter.com — Cisco Umbrella Rank: 1065	777 B
2	instana.io eum.instana.io — Cisco Umbrella Rank: 12120 eum-eu-west-1.instana.io	10 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	59 KB
2	adalyser.com c5.adalyser.com — Cisco Umbrella Rank: 27238	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	191 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
1	google.com.br www.google.com.br — Cisco Umbrella Rank: 17283	408 B
1	t.co t.co — Cisco Umbrella Rank: 707	376 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 614	146 B
1	tremorhub.com partners.tremorhub.com	175 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1062	615 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1620	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 863	264 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1547	423 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 7912	6 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 6049	7 KB
1	bfpartners.click 1 redirects bfpartners.click — Cisco Umbrella Rank: 118642	3 KB
1	joyful-u.vip 1 redirects track.joyful-u.vip	610 B
108	36

	Domain	Requested by
30	promotions.betfred.com	thecoolposts.com promotions.betfred.com
16	thecoolposts.com	thecoolposts.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com eum.instana.io
5	idsync.rlcdn.com	2 redirects promotions.betfred.com
4	live.rezync.com	4 redirects
4	zz.connextra.com	www.googletagmanager.com eum.instana.io promotions.betfred.com
3	ib.adnxs.com	2 redirects promotions.betfred.com
3	p.rfihub.com	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com promotions.betfred.com
3	my.rtmark.net	thecoolposts.com
2	match.prod.bidr.io	2 redirects
2	segment.prod.bidr.io	1 redirects promotions.betfred.com
2	secure.adnxs.com	1 redirects promotions.betfred.com
2	cm.g.doubleclick.net	2 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	content.betfred.com	www.googletagmanager.com
2	c5.adalyser.com	thecoolposts.com promotions.betfred.com
2	connect.facebook.net	thecoolposts.com connect.facebook.net
2	8373518.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	thecoolposts.com www.googletagmanager.com
2	fonts.googleapis.com	promotions.betfred.com
1	eum-eu-west-1.instana.io	eum.instana.io
1	www.google.com.br	promotions.betfred.com
1	www.google.com	promotions.betfred.com
1	analytics.twitter.com	promotions.betfred.com
1	t.co	promotions.betfred.com
1	x.bidswitch.net	promotions.betfred.com
1	partners.tremorhub.com	promotions.betfred.com
1	contextual.media.net	promotions.betfred.com
1	ps.eyeota.net	promotions.betfred.com
1	us-u.openx.net	promotions.betfred.com
1	image2.pubmatic.com	promotions.betfred.com
1	a.rfihub.com	1 redirects
1	www.facebook.com	promotions.betfred.com
1	adservice.google.com	8373518.fls.doubleclick.net
1	stats.g.doubleclick.net	eum.instana.io
1	20795173p.rfihub.com	c1.rfihub.net
1	script.hotjar.com	static.hotjar.com
1	api.cooladata.com	promotions.betfred.com
1	wave.outbrain.com	amplify.outbrain.com
1	cdn.cooladata.com	thecoolposts.com
1	static.ads-twitter.com	promotions.betfred.com
1	platform.twitter.com	1 redirects
1	c1.rfihub.net	thecoolposts.com
1	eum.instana.io	thecoolposts.com
1	static.hotjar.com	thecoolposts.com
1	amplify.outbrain.com	www.googletagmanager.com
1	widget.trustpilot.com	promotions.betfred.com
1	www.betfred.com	1 redirects
1	bfpartners.click	1 redirects
1	track.joyful-u.vip	1 redirects
0	loaduk.betfred.com Failed	eum.instana.io
108	52

This site contains links to these domains. Also see Links.

Domain
betfred.com
www.betfred.com
www.begambleaware.org
www.taketimetothink.co.uk
www.gamblingcommission.gov.uk
content.betfred.com
www.gibraltar.gov.gi
ibia.bet
www.gamcare.org.uk
www.gamstop.co.uk

Subject Issuer	Validity	Valid
thecoolposts.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-24` - `2024-02-20`	6 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.adalyser.com Thawte TLS RSA CA G1	`2023-06-13` - `2024-07-13`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.cooladata.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-21` - `2024-09-21`	a year	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2024-03-28`	a year	crt.sh
*.betfred.com Amazon RSA 2048 M02	`2023-02-10` - `2023-12-20`	10 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com.br GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://promotions.betfred.com/
Frame ID: 06C842BE3804E21E24DA1039E2581B78
Requests: 92 HTTP requests in this frame

Frame: https://8373518.fls.doubleclick.net/activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F
Frame ID: 09A6B668A729CA9DACBDA1F2D2D6543E
Requests: 1 HTTP requests in this frame

Frame: https://20795173p.rfihub.com/ca.html?ver=9&rb=24579&ca=20795173&_o=24579&_t=20795173&pe=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&pf=&ra=6016646717258172
Frame ID: 1D5DD05E0C3B9A4DDAC260DB3D6A5978
Requests: 11 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F
Frame ID: 0CE5376259C06E51FD47A1DDD94B479F
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/seg?add=16759969&t=2
Frame ID: 5474FB8C6B09BB8FD8746A0096813E80
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/6476700339460634249
Frame ID: A675406377D296F21A4B0332853B6A76
Requests: 1 HTTP requests in this frame

Frame: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value=&_bee_ppp=1
Frame ID: 0E37436F61A147BF9682D477E45D37AF
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAESbU7KO9UAABepFBoRpw
Frame ID: EB790CE5D706F45E90BC4362BB628EC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Betfred Casino | Casino Welcome Offer

Page URL History Show full URLs

https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015 Page URL
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2 Page URL
https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=5154505&subzone_id=0&browservers... HTTP 302
https://bfpartners.click/o/5mu59T?site_id=109111&s2=Casino200&s2=wp2b3camqlr5bm2sihb4eecm HTTP 302
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_778232951&target=https://... HTTP 302
https://promotions.betfred.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

108
Requests

91 %
HTTPS

30 %
IPv6

36
Domains

52
Subdomains

41
IPs

5
Countries

1761 kB
Transfer

4897 kB
Size

65
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://betfred.com/cookies-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://betfred.com/#login
Title: Log In

Search URL Search Domain Scan URL

URL: http://betfred.com/register
Title: Claim Here

Search URL Search Domain Scan URL

URL: https://www.betfred.com/casino/game/bluewizard
Title: Blue Wizard™

Search URL Search Domain Scan URL

URL: https://www.betfred.com/casino/game/footballcashcollect
Title: Football! Cash Collect™

Search URL Search Domain Scan URL

URL: https://www.betfred.com/casino/game/shrineofanubisgoldhit
Title: Shrine of Anubis Gold Hit™

Search URL Search Domain Scan URL

URL: https://www.betfred.com/age-identity-verification
Title: Verification Policy

Search URL Search Domain Scan URL

URL: https://www.betfred.com/
Title: Betfred.com

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/
Title: www.begambleaware.org

Search URL Search Domain Scan URL

URL: https://www.taketimetothink.co.uk/

Search URL Search Domain Scan URL

URL: https://www.betfred.com/responsible-gambling

Search URL Search Domain Scan URL

URL: https://www.gamblingcommission.gov.uk/

Search URL Search Domain Scan URL

URL: https://content.betfred.com/2019/pdf/BetfredeCommerceComplianceCertificate.pdf

Search URL Search Domain Scan URL

URL: https://www.gibraltar.gov.gi/finance-gaming-and-regulations/remote-gambling

Search URL Search Domain Scan URL

URL: https://ibia.bet/

Search URL Search Domain Scan URL

URL: https://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: https://www.gamstop.co.uk/

Search URL Search Domain Scan URL

URL: https://www.gamblingcommission.gov.uk/public-register/business/detail/39544
Title: 39544

Search URL Search Domain Scan URL

URL: https://www.gibraltar.gov.gi/new/remote-gambling
Title: Gibraltar Gambling Commissioner

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015 Page URL
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2 Page URL
https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=5154505&subzone_id=0&browserversion=73&osversion=win10&user_activity=high&bannerid=14185211&isp=british%20telecommunications%20plc&zone_type={zone_type}&request_var=3520015&survey_exit_type=not_survey&cost=0.000982&visitor_id=733566698539717165&oaid=04531421ab23a3d80208e3669d8940e4 HTTP 302
https://bfpartners.click/o/5mu59T?site_id=109111&s2=Casino200&s2=wp2b3camqlr5bm2sihb4eecm HTTP 302
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_778232951&target=https://promotions.betfred.com/ HTTP 302
https://promotions.betfred.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://8373518.fls.doubleclick.net/activityi;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F HTTP 302
https://8373518.fls.doubleclick.net/activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F

Request Chain 63

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 86

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab37-aeeede2a8650%253A1696459453.1430328%26_%3D1696459453.144293&cb=1696459453.1443186 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab37-aeeede2a8650%253A1696459453.1430328%26_%3D1696459453.144293 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&_=1696459453.144293 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPCZs3OyaH8XA1do5Cys3UU&google_cver=1

Request Chain 87

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYzMDAwMzAyODE0OQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFme0bNBPuHqffpzXoY7gJ0&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab37-aeeede2a8650%253A1696459453.1430328%26_%3D1696459453.9250646&cb=1696459453.9250894 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab37-aeeede2a8650%253A1696459453.1430328%26_%3D1696459453.9250646 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&_=1696459453.9250646 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6476700339460634249

Request Chain 88

https://ib.adnxs.com/setuid?entity=18&code=5109685630003028149 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630003028149

Request Chain 91

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5109685630003028149&bid=omt9pi0

Request Chain 102

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP 302
https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/6476700339460634249

Request Chain 103

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value=&_bee_ppp=1

Request Chain 104

https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAESbU7KO9UAABepFBoRpw

108 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
thecoolposts.com/ 40 KB
18 KB 237ms
83ms Document
text/html 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: aa7b681d1723c56f2d9d4dcccf718c5af5da7812da78d1407363e5cd884a9982

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 22:44:09 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 193ms
58ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=04531421ab23a3d80208e3669d8940e4

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b7894b5192e70291b046d48e83d22a1986248799d65e28797e3554a8fbc3946b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thecoolposts.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
thecoolposts.com/pfe/current/ 26 KB
10 KB 30ms
29ms Script
application/javascript 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4cb9ba6761454eb812b6ac09519f152111e1aa4362a9a058cfa65bf7f467585a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:09 GMT
content-encoding: br
last-modified: Mon, 02 Oct 2023 15:45:50 GMT
server: nginx
etag: W/"651ae5ae-68a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 / Show response
thecoolposts.com/19/5154505/ 3 KB
2 KB 38ms
38ms XHR
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/19/5154505/?abt_opts=1&var=3520015&var3=378562555951460825&ymid=&rhd=1

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a879696985aae26611548e2b28948746c16d8d84fc005330d49a6ea63a3d65e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
x-trace-id: cfb5a45fa931e65939292ca9e3d79357
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Content-Type: image/gif

POST
H2 200 / Show response
thecoolposts.com/ 2 B
307 B 49ms
49ms XHR
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&mprtr=1
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 2660706
thecoolposts.com/sw-check-permissions/ 0
701 B 48ms
48ms Other
application/javascript 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/sw-check-permissions/2660706?var=3520015&ymid=378562555951460825&uhd=1
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 200 zone
thecoolposts.com/ 0
252 B 32ms
32ms Ping
text/plain 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id: e5cf9aa4484aa3a9fe3524d135e96862
date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://thecoolposts.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 141ms
58ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=2660706&checkDuplicate=true&ymid=378562555951460825&var=3520015

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

91cc30a4f66cfb37a69b3ea2cd65e1cb5f903d2eea7bff78629df9640d4d5e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thecoolposts.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
thecoolposts.com/ 804 B
731 B 35ms
35ms Fetch
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5a374a8e8d9824258838ff857a6a9d97ae0e27218aacd985fb62398cda4ce821

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id: 80c633cd03586662535773b213874989
date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 / Show response
thecoolposts.com/ 40 KB
18 KB 64ms
64ms Document
text/html 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: 140cd69f754cfa3dbb5bca01f63cf58fdd7cd91cd4a53ec2cb4b90ef932859c8

Request headers

Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 22:44:09 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 micro.tag.min.js Show response
thecoolposts.com/pfe/current/ 26 KB
10 KB 29ms
29ms Script
application/javascript 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4cb9ba6761454eb812b6ac09519f152111e1aa4362a9a058cfa65bf7f467585a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:09 GMT
content-encoding: br
last-modified: Mon, 02 Oct 2023 15:45:50 GMT
server: nginx
etag: W/"651ae5ae-68a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
thecoolposts.com/19/5154505/ 3 KB
2 KB 38ms
38ms XHR
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/19/5154505/?abt_opts=1&var=3520015&var3=378562555951460825&ymid=&rhd=1

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

64ccae169b65d2a17d9c113306fa2103d68fd9388bb0e1433f0114ff9db11ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
x-trace-id: 2e963ee171aeede018407f56fcdceeb0
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
thecoolposts.com/ 2 B
307 B 51ms
50ms XHR
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2&mprtr=1
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 2660706
thecoolposts.com/sw-check-permissions/ 0
701 B 37ms
36ms Other
application/javascript 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thecoolposts.com/sw-check-permissions/2660706?var=3520015&ymid=378562555951460825&uhd=1
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 200 zone
thecoolposts.com/ 0
252 B 29ms
29ms Ping
text/plain 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id: 6f5fdb217656430a18d937eb960a5f7c
date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://thecoolposts.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 33ms
32ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=2660706&checkDuplicate=true&ymid=378562555951460825&var=3520015

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

91cc30a4f66cfb37a69b3ea2cd65e1cb5f903d2eea7bff78629df9640d4d5e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thecoolposts.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
thecoolposts.com/ 804 B
730 B 30ms
30ms Fetch
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5a374a8e8d9824258838ff857a6a9d97ae0e27218aacd985fb62398cda4ce821

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id: d3f17b1a51a3f7827157e60937830114
date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 rhd Show response
thecoolposts.com/ 3 KB
3 KB 146ms
146ms Fetch
application/json 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/rhd?rb=6wIwOB8Z7dU1arz9jfa8mfGq7qcDwyReedSKXgmzpcQ7L7oXv_MoF-w4GN1L66niqrNVyIJtL5c2-GqH55SdLGNv1__PVOEsLJFzuphN8xr0fYtSN88GHEBJUF85tSp515r6NOAr1bjwhxUFbAOSWERIRT8gZPT87roWRzWq_95eDk3UVm36cnJVq-o_C8u5xgRKK5Q31Y3SXDdv0BY_qectIknaiyAQFmbMu0eS5CMgGK6IxVFF27Qxuon_sVxenGVXE1-ASaz_-dftaX8nCPduK9wWpA-yd4v6wgdVhZ7MEAEl_DIUhkvO0bCJxPDoStw98bUtypXSnkrTu_GIeaqSIKLvuNix9SGUjTJM1C0rFUKy9uIXi9Rv8YI81lbFRaPi7ybvp7fI7M1coJFiuvR7n55roi1lxc7laQ%3D%3D&request_ab2=0&zoneid=5154505&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fthecoolposts.com%2F%3Fl%3DXKmG8ooqkNkREHl%26s%3D378562555951460825%26z%3D3520015%26rdc%3D2&drf=https%3A%2F%2Fthecoolposts.com%2F%3Fl%3DXKmG8ooqkNkREHl%26s%3D378562555951460825%26z%3D3520015&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=3520015&var3=378562555951460825&ymid=&rhd=1&m=link

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2a133a86345d29299c0ccb2cef9c2d489de3401500e48e70278a9394b842a449

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
x-trace-id: 10742fb854ed23952de75db88807eac8
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

Primary Request / Show response
promotions.betfred.com/
Redirect Chain

https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=5154505&subzone_id=0&browserversion=73&osversion=win10&user_activity=high&bannerid=14185211&isp=british%20telecommunications%2...
https://bfpartners.click/o/5mu59T?site_id=109111&s2=Casino200&s2=wp2b3camqlr5bm2sihb4eecm
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_778232951&target=https://promotions.betfred.com/
https://promotions.betfred.com/

2 KB
1 KB

121ms
95ms

Document
text/html

45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 14b64c551f4792edf6c67f0870f03aa99d611723c2dc195cdb882e74af49c4a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 04 Oct 2023 22:44:11 GMT
etag: W/"650983a2-5a5"
last-modified: Tue, 19 Sep 2023 11:18:58 GMT
server: nginx/1.18.0
vary: Accept-Encoding
via: 1.1 8b225d7dbb570edc490ce7b9b77a3a2e.cloudfront.net (CloudFront)
x-amz-cf-id: LVrmqxj709csNLkiGtUPk1-pZfedFlDeIxbJusJZAmLQRYOtUb4-cA==
x-amz-cf-pop: LHR61-P3
x-cache: Miss from cloudfront
x-cdn: Imperva
x-iinfo: 14-45412315-45412350 NNNN CT(0 3 0) RT(1696459450807 196) q(0 0 0 0) r(0 0) U12
x-incap-sess-cookie-hdr: vzGxax6FrWvnxXtBOnYYArvqHWUAAAAAeAv6Q+PSwmYuxX646lkD3g==

Redirect headers

cache-control: private
content-length: 148
content-security-policy: frame-ancestors 'self' https://*.betfred.com https://*.rgsgames.com https://*.gameassists.co.uk https://*.virtuefusion.com http://*.ipoker.com https://*.ipoker.com;
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 22:44:10 GMT
location: https://promotions.betfred.com/
server: Microsoft-IIS/8.5
server-timing: intid;desc=bcfb57db4ea793ad
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-content-security-policy: frame-ancestors 'self' https://*.betfred.com https://*.rgsgames.com https://*.gameassists.co.uk https://*.virtuefusion.com http://*.ipoker.com https://*.ipoker.com;
x-frame-options: allow-from https://www.betfred.com/,https://staging.betfred.com/,https://staging2.betfred.com/,https://staging3.betfred.com/,https://platform.gi.rgsgames.com/,https://api9.gameassists.co.uk/,https://betfredrgs2.betfred.com/,https://mobile9.gameassists.co.uk
x-iinfo: 14-45412315-45409887 PNNy RT(1696459450807 88) q(0 1 1 0) r(1 1) U5 WR(W -1 -1 -1 60)
x-incap-sess-cookie-hdr: F40mM8t0XzLcxXtBOnYYArrqHWUAAAAA/XyoPbHmnj9kJ2KUjqAugA==

POST
H2 200 cat.php
thecoolposts.com/ 0
573 B 83ms
82ms Ping
text/plain 139.45.197.155
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thecoolposts.com/cat.php?userId=04531421ab23a3d80208e3669d8940e4&zoneid=5154505&rb=6wIwOB8Z7dU1arz9jfa8mfGq7qcDwyReedSKXgmzpcQ7L7oXv_MoF-w4GN1L66niqrNVyIJtL5c2-GqH55SdLGNv1__PVOEsLJFzuphN8xr0fYtSN88GHEBJUF85tSp515r6NOAr1bjwhxUFbAOSWERIRT8gZPT87roWRzWq_95eDk3UVm36cnJVq-o_C8u5xgRKK5Q31Y3SXDdv0BY_qectIknaiyAQFmbMu0eS5CMgGK6IxVFF27Qxuon_sVxenGVXE1-ASaz_-dftaX8nCPduK9wWpA-yd4v6wgdVhZ7MEAEl_DIUhkvO0bCJxPDoStw98bUtypXSnkrTu_GIeaqSIKLvuNix9SGUjTJM1C0rFUKy9uIXi9Rv8YI81lbFRaPi7ybvp7fI7M1coJFiuvR7n55roi1lxc7laQ==&var=3520015&var3=378562555951460825&ymid=&rhd=1

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 Oct 2023 22:44:10 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 0
x-trace-id: 0ff882e0178cf5ba1a74fd20a9cecd7f
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://thecoolposts.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 uture-it-no-ouetst-Goose-That-ward-Such-thers-of Show response
promotions.betfred.com/ 227 KB
73 KB 59ms
58ms Script
text/javascript 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/uture-it-no-ouetst-Goose-That-ward-Such-thers-of
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: 82790497c307b41633edf02f7dbf38bafb54b2f8923132be437e1a857a4c9fba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
server: bon
x-cdn: Imperva
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 14-45412315-45412367 NNNN CT(7 12 0) RT(1696459450807 347) q(0 0 0 -1) r(0 0)
cache-control: max-age=60
server-timing: bon, total;dur=0.157927
content-length: 74683

GET
H2 200 modernizr-2.8.3-respond-1.4.2.min.js Show response
promotions.betfred.com/assets/js/vendor/ 19 KB
8 KB 51ms
51ms Script
application/javascript 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4da15d775e44eb702696f425f44a87345ebb301bd5c1316b3c5cd02d26cab564

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:54 GMT
x-cdn: Imperva
etag: "650862a2-4e94"
content-type: application/javascript
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 352) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=41522, public
content-length: 7839
expires: Thu, 05 Oct 2023 10:16:13 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 230ms
73ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 01:49:53 GMT
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 75259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6676
x-xss-protection: 1; mode=block
last-modified: Wed, 03 May 2023 13:48:29 GMT
server: AmazonS3
etag: "befec09eb386fc68a0869c8d1b529dd6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: USeghB4pIkzcsGAvfM33dX3bs6QSOhtXvB2kWElkhs1WBGdsfdOipQ==

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 224ms
53ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8684f3bf690ac1c5728552ed8bff5f18fb8db87e81f79084b55e6f28ebff2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 04 Oct 2023 22:44:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 51 KB
1 KB 226ms
55ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+Display:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6eddec1bb240c51a3d3d2bcaa7c2462f6ffc4a6113014d3b6a3b3a14fe843b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 04 Oct 2023 22:44:11 GMT

GET
H2 200 main.5529d29e.js Show response
promotions.betfred.com/static/js/ 425 KB
126 KB 29ms
28ms Script
application/javascript 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/static/js/main.5529d29e.js
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2deccb33aced35213cd65ccad864a82e7f455063ad34ce6d3d47512824c98e0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:49:17 GMT
x-cdn: Imperva
etag: "65097cad-6a501"
content-type: application/javascript
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 414) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=50374, public
content-length: 128590
expires: Thu, 05 Oct 2023 12:43:45 GMT

GET
H2 200 main.cfbc30ed.css
promotions.betfred.com/static/css/ 28 KB
7 KB 50ms
50ms Stylesheet
text/css 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 749a72a12afd7ef26346e840dec992ac8c48572199abdbf351effbbedf245dee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:49:16 GMT
x-cdn: Imperva
etag: W/"65097cac-6f1c"
content-type: text/css
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 349) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=50373, public
content-length: 6942
expires: Thu, 05 Oct 2023 12:43:44 GMT

GET
H2 200 _Incapsula_Resource Show response
promotions.betfred.com/ 152 KB
21 KB 44ms
44ms Script
application/javascript 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1722045137
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b64c3c9c16ad322ac7265b54925a2d402f93a475664875b8c3c6e8bdce3c35a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21916
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
promotions.betfred.com/ 1 B
35 B 35ms
35ms Image
text/plain 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7424580604675752
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 310 KB
105 KB 183ms
52ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ffc5038d265294e930bd45f0520a23239037b6bddcf02b2c87da15dad7b656c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107030
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:14:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 22:44:11 GMT

GET
H2 200 logo.9a8d4f7a6b4ef425e73419d37b4c180a.svg
promotions.betfred.com/static/media/ 3 KB
2 KB 30ms
30ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/static/media/logo.9a8d4f7a6b4ef425e73419d37b4c180a.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fe51ed16a92cc9a703010e3a9075d13f802aea041fe83e920374c1de06cb1121

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:49:20 GMT
x-cdn: Imperva
etag: "65097cb0-a26"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 604) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=50375, public
content-length: 1347
expires: Thu, 05 Oct 2023 12:43:46 GMT

GET
H2 200 spinner.e6d88eb109fd6abe452bcfa8e2ff5d68.svg
promotions.betfred.com/static/media/ 617 B
516 B 45ms
45ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/static/media/spinner.e6d88eb109fd6abe452bcfa8e2ff5d68.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8cd5765c2b3a630a17c882b9c376fac006c5810d7123d620a94e11442d8df0d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:49:20 GMT
x-cdn: Imperva
etag: "65097cb0-269"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 608) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=50533, public
content-length: 324
expires: Thu, 05 Oct 2023 12:46:24 GMT

GET
H2 200 creative.json Show response
promotions.betfred.com/ 482 KB
17 KB 74ms
74ms XHR
application/json 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/creative.json
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/js/main.5529d29e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1ceb5e231d7c844a6139dda7acf2de2027a58b3606b96aacc41f4ce3578a5261

Request headers

Accept: application/json, text/plain, */*
Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
via: 1.1 8b225d7dbb570edc490ce7b9b77a3a2e.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 08:18:24 GMT
server: nginx/1.18.0
x-cdn: Imperva
x-amz-cf-pop: LHR61-P3
etag: W/"651bce50-78723"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
x-iinfo: 14-45412315-45412350 PNNN RT(1696459450807 613) q(0 0 0 -1) r(0 0) U12
x-amz-cf-id: b__SgG7oa4DEVnFpFa1TfRHDKmbmWhJ-WpvGqP3pOTYI24KdKEy_yw==

GET
H2 200 offer.json Show response
promotions.betfred.com/ 589 KB
38 KB 69ms
69ms XHR
application/json 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/offer.json
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/js/main.5529d29e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2038b9bcd9449d18aa40aebf7576f811ab71c189a02042da161bcb388ff39171

Request headers

Accept: application/json, text/plain, */*
Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
via: 1.1 8b225d7dbb570edc490ce7b9b77a3a2e.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 14:47:03 GMT
server: nginx/1.18.0
x-cdn: Imperva
x-amz-cf-pop: LHR61-P3
etag: W/"65144067-934af"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
x-iinfo: 14-45412315-45412350 PNNN RT(1696459450807 704) q(0 0 0 -1) r(0 0) U12
x-amz-cf-id: Hzl9a1IrB94aClLjfT_SbqpllG_7D0c30_rAfoN3MnGBkBa53gp7GQ==

POST
H2 200 uture-it-no-ouetst-Goose-That-ward-Such-thers-of Show response
promotions.betfred.com/ 742 B
808 B 72ms
72ms Fetch
application/json 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/uture-it-no-ouetst-Goose-That-ward-Such-thers-of?d=promotions.betfred.com
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/uture-it-no-ouetst-Goose-That-ward-Such-thers-of
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: e52769f8418ece004d856f3afede8b9a8a0b2f9f3cfcdd558de2279d734f8d02

Request headers

Accept: application/json; charset=utf-8
Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type: text/plain; charset=utf-8

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
server: bon
x-cdn: Imperva
content-type: application/json
access-control-allow-origin: *
x-iinfo: 14-45412315-45412367 PNYN RT(1696459450807 766) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=19.074261

GET
H2 200 sticker-usp.png
promotions.betfred.com/img/casino/CASINO200/creative/1x/ 1 KB
1 KB 30ms
28ms Image
image/png 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/img/casino/CASINO200/creative/1x/sticker-usp.png
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 211017ca63a38d9a1ae3d0798dc1820dfc8737563da52bd6301834c0b7606f48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
last-modified: Fri, 01 Sep 2023 09:34:20 GMT
x-cdn: Imperva
etag: "64f1b01c-1094"
content-type: image/png
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 814) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16344, public
content-length: 1124
expires: Thu, 05 Oct 2023 03:16:35 GMT

GET
H2 200 creative-mobile-4col.png
promotions.betfred.com/img/casino/CASINO200/creative/1x/ 161 KB
161 KB 30ms
28ms Image
image/png 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/img/casino/CASINO200/creative/1x/creative-mobile-4col.png?1986
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ecad28053dfe2183a6127e7bbfc8c89f7d0af339bab7cc86933def741fb0e21e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
last-modified: Fri, 01 Sep 2023 09:34:20 GMT
x-cdn: Imperva
etag: "64f1b01c-28534"
content-type: image/png
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 816) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16344, public
content-length: 165172
expires: Thu, 05 Oct 2023 03:16:35 GMT

GET
H2 200 gift_bf.f93c343c6e51acf0fb9084e948d488d2.svg
promotions.betfred.com/static/media/ 474 B
421 B 31ms
29ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/static/media/gift_bf.f93c343c6e51acf0fb9084e948d488d2.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 81b7dab652dd4e7c14c2d6028770729060df1221e3185fa393f62da19e30e46b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:49:20 GMT
x-cdn: Imperva
etag: "65097cb0-1da"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 818) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=50387, public
content-length: 280
expires: Thu, 05 Oct 2023 12:43:58 GMT

GET
H2 200 tttt.svg
promotions.betfred.com/assets/img/footer/ 8 KB
3 KB 43ms
42ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/tttt.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 217245e8c0011173e560ba89836d67478d6bf6cace73b5e6fef90784eaaf0494

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:54 GMT
x-cdn: Imperva
etag: "650862a2-216a"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 819) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44977, public
content-length: 2602
expires: Thu, 05 Oct 2023 11:13:48 GMT

GET
H2 200 bga.svg
promotions.betfred.com/assets/img/footer/ 17 KB
6 KB 43ms
42ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/bga.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 699f4187958dea821d9016580d6996602e1a95ea84ed1916b75b9b523bf58d99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:48 GMT
x-cdn: Imperva
etag: "6508629c-4491"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 821) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44977, public
content-length: 6095
expires: Thu, 05 Oct 2023 11:13:48 GMT

GET
H2 200 18.svg
promotions.betfred.com/assets/img/footer/ 3 KB
1 KB 64ms
63ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/18.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 077a92693443ef070ab944030acb8c029fdd14ae1a00661eba95e4a787fdcdce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:48 GMT
x-cdn: Imperva
etag: "6508629c-cd5"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 858) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44977, public
content-length: 1199
expires: Thu, 05 Oct 2023 11:13:48 GMT

GET
H2 200 gc.png
promotions.betfred.com/assets/img/footer/ 15 KB
15 KB 65ms
65ms Image
image/png 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/gc.png
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a035e4af683292e1d570d9a0dea61eea4e4c181c3084023bb619fa0b418a14d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
last-modified: Mon, 18 Sep 2023 14:45:50 GMT
x-cdn: Imperva
etag: "6508629e-4abe"
content-type: image/png
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 859) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=41555, public
content-length: 15035
expires: Thu, 05 Oct 2023 10:16:46 GMT

GET
H2 200 ncc.svg
promotions.betfred.com/assets/img/footer/ 10 KB
4 KB 62ms
61ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/ncc.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 49ba8bae55c461b876e2a0ed7dd0235c348793102854ef20d8cf0697cbce5640

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:54 GMT
x-cdn: Imperva
etag: "650862a2-2680"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 862) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44977, public
content-length: 4095
expires: Thu, 05 Oct 2023 11:13:48 GMT

GET
H2 200 gib.svg
promotions.betfred.com/assets/img/footer/ 300 KB
99 KB 62ms
61ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/gib.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 0f5150ebcec013ee414667aac35db661d087f75a8cc828646d1bfc800b1d19ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:50 GMT
x-cdn: Imperva
etag: "6508629e-4af9d"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 863) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44978, public
content-length: 101667
expires: Thu, 05 Oct 2023 11:13:49 GMT

GET
H2 200 ibia.png
promotions.betfred.com/assets/img/footer/ 13 KB
13 KB 51ms
51ms Image
image/png 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/ibia.png
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6262eb83bf9bb03671083af066f83b5c77cfe80ad86cbc7419b426bc906bbb1c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
last-modified: Mon, 18 Sep 2023 14:45:50 GMT
x-cdn: Imperva
etag: "6508629e-406e"
content-type: image/png
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 881) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=41557, public
content-length: 13133
expires: Thu, 05 Oct 2023 10:16:48 GMT

GET
H2 200 ngh.svg
promotions.betfred.com/assets/img/footer/ 50 KB
17 KB 49ms
47ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/ngh.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9c75420e20779358e84b56e56eb7758ae698c8bed3f65ff31fab7f2a23cd34eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:54 GMT
x-cdn: Imperva
etag: "650862a2-c8fb"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 946) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44977, public
content-length: 17103
expires: Thu, 05 Oct 2023 11:13:48 GMT

GET
H2 200 gs.svg
promotions.betfred.com/assets/img/footer/ 15 KB
6 KB 54ms
52ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/assets/img/footer/gs.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 91ca49847ee545f5c5b2279193dd91e4608456503fc322470596b6041b5b9272

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:45:50 GMT
x-cdn: Imperva
etag: "6508629e-3c63"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 949) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=44978, public
content-length: 6453
expires: Thu, 05 Oct 2023 11:13:49 GMT

GET
H2 200 trustpilot-toggle.js Show response
promotions.betfred.com/js/ 1 KB
592 B 62ms
61ms Script
application/javascript 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/js/trustpilot-toggle.js
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/js/main.5529d29e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: de85157d2fdc7accb91dc40d23d5e90aa9a6fdea491c50f8cb23af15e0dbec62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Sep 2023 14:53:57 GMT
x-cdn: Imperva
etag: "65086485-714"
content-type: application/javascript
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 953) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=41595, public
content-length: 413
expires: Thu, 05 Oct 2023 10:17:26 GMT

GET
H2 200 background-desktop.jpg
promotions.betfred.com/img/casino/CASINO200/bg/ 437 KB
438 KB 26ms
25ms Image
image/jpeg 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/img/casino/CASINO200/bg/background-desktop.jpg?9287
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fcf4f43ea254e94ef3e6946374edd20e5746ecda5aaec9df151d0cade500db65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
last-modified: Fri, 01 Sep 2023 09:32:22 GMT
x-cdn: Imperva
etag: "64f1afa6-6d4b4"
content-type: image/jpeg
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 839) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=16357, public
content-length: 447668
expires: Thu, 05 Oct 2023 03:16:48 GMT

GET
H2 200 diamond_bg.17037e86d5faa4e4cea0.svg
promotions.betfred.com/static/media/ 587 B
499 B 36ms
35ms Image
image/svg+xml 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.betfred.com/static/media/diamond_bg.17037e86d5faa4e4cea0.svg
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1fd9691fceaa2c9bc521bc83425e191ffa8de6f5760af12cb2ed5d95baaa9f25

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/static/css/main.cfbc30ed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:49:19 GMT
x-cdn: Imperva
etag: "65097caf-24b"
content-type: image/svg+xml
x-iinfo: 14-45412315-0 0CNN RT(1696459450807 841) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=50539, public
content-length: 326
expires: Thu, 05 Oct 2023 12:46:30 GMT

GET
H2 200 exo-black-webfont.ff44a6ed0cdddfd17c57.woff2
promotions.betfred.com/static/media/ 21 KB
22 KB 29ms
29ms Font
font/woff2 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/static/media/exo-black-webfont.ff44a6ed0cdddfd17c57.woff2
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: badd919d133c0ac5c0186ea595736554b37d46674be5f6a3dc62e45797f63467

Request headers

Referer: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Origin: https://promotions.betfred.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 06:54:30 GMT
via: 1.1 8b225d7dbb570edc490ce7b9b77a3a2e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 10:49:20 GMT
server: nginx/1.18.0
x-cdn: Imperva
x-amz-cf-pop: LHR61-P3
age: 56981
etag: "65097cb0-54ac"
x-cache: Hit from cloudfront
content-type: font/woff2
x-iinfo: 14-45412315-45412350 PNNN RT(1696459450807 828) q(0 0 0 -1) r(0 0) U12
x-incap-sess-cookie-hdr: +PEZOtj+CCHnxXtBOnYYArvqHWUAAAAA/i/EZdS6waEkn/d11WA+SQ==
accept-ranges: bytes
content-length: 21676
x-amz-cf-id: XbkfhuBXv1_ubEPoawYskNt4nPiDlxhzGMm9W5gTJvYsh03Wx9CYPQ==

GET
H2 200 exo-bold.ae294787b2b07fa0bca0.woff2
promotions.betfred.com/static/media/ 25 KB
26 KB 33ms
32ms Font
font/woff2 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/static/media/exo-bold.ae294787b2b07fa0bca0.woff2
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9c5ad4608696e74ae9a26e1749ed8216753dc0b4810906fc61c34ea2b8ff732f

Request headers

Referer: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Origin: https://promotions.betfred.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 20:33:31 GMT
via: 1.1 8b225d7dbb570edc490ce7b9b77a3a2e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 10:49:20 GMT
server: nginx/1.18.0
x-cdn: Imperva
x-amz-cf-pop: LHR61-P3
age: 7840
etag: "65097cb0-6594"
x-cache: Hit from cloudfront
content-type: font/woff2
x-iinfo: 14-45412315-45412350 PNNN RT(1696459450807 833) q(0 0 0 -1) r(0 0) U12
x-incap-sess-cookie-hdr: oj2QGTTAiTznxXtBOnYYArvqHWUAAAAAQxdAdqUVSN6TAEvqxJqHwQ==
accept-ranges: bytes
content-length: 26004
x-amz-cf-id: TvoB4vkfBBiaaK8OMRiFTjyb-ADZf0JO3i8-8hyKpUj4BOl807s93A==

GET
H2 200 exo-demibold.61fe8e5fdf7c9cb54ab1.woff2
promotions.betfred.com/static/media/ 26 KB
27 KB 33ms
33ms Font
font/woff2 45.60.124.248
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.betfred.com/static/media/exo-demibold.61fe8e5fdf7c9cb54ab1.woff2
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9e4f71ad39708f30f53d43a3d809c26b7e94c5edb108bff46d9f85879abf42ae

Request headers

Referer: https://promotions.betfred.com/static/css/main.cfbc30ed.css
Origin: https://promotions.betfred.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Tue, 03 Oct 2023 23:43:43 GMT
via: 1.1 7a099deb81d48fdcc5e18b9c5e6daf24.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 10:49:20 GMT
server: nginx/1.18.0
x-cdn: Imperva
x-amz-cf-pop: LHR61-P3
age: 82828
etag: "65097cb0-69b4"
x-cache: Hit from cloudfront
content-type: font/woff2
x-iinfo: 14-45412315-45412466 NNNY CT(1 1 0) RT(1696459450807 834) q(0 0 0 -1) r(0 0) U12
x-incap-sess-cookie-hdr: FLIwCRXLLX3nxXtBOnYYArvqHWUAAAAAzInFD8ps42LpCgvPM/7GSA==
accept-ranges: bytes
content-length: 27060
x-amz-cf-id: E_G_4pilIrNhIa6S1eIB8urb0OMdrQug0YlopvH8GRE_NfP0DEQKkQ==

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 184ms
45ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-53345WW

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3732b83f985bb8e4e90898dfd56e71318746180593a48617d1c792dd4baa9a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50637
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:14:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 22:44:11 GMT

GET
H2

200

activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epve... Show response
8373518.fls.doubleclick.net/ Frame 09A6
Redirect Chain

https://8373518.fls.doubleclick.net/activityi;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://8373518.fls.doubleclick.net/activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafv...

551 B
484 B

386ms
385ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8373518.fls.doubleclick.net/activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

6dfdebddfad26ae0bf08084f16abc4f1f5b3e04214837c0b88af504618b23648

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotions.betfred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:44:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:44:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8373518.fls.doubleclick.net/activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 190ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 04 Oct 2023 22:44:11 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE7C90C16F8347B18B0071110D165BDA Ref B: LTSEDGE2114 Ref C: 2023-10-04T22:44:11Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 24 KB
8 KB 248ms
62ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ecdd0af9a397233fd167c920e5fc440fe6bf713916dbb6669fe67d0b253fa46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Date: Wed, 04 Oct 2023 22:44:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 11:33:54 GMT
Server: AkamaiNetStorage
ETag: "b4a8b2b920b282fa6ee60c244ffc535a:1696246613.514339"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: GB
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7375
Expires: Wed, 04 Oct 2023 23:04:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 204ms
38ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 22:44:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: xTn0TdVfQUP3W4rT/cURIWVLEEgFqPxWB/uRuljJsd7jxgQ6YaZI8c+nW5fOhLym570ACQDSvOOYlUP01OTSvA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adalyser.js Show response
c5.adalyser.com/ 35 KB
12 KB 301ms
57ms Script
application/javascript 54.216.55.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c5.adalyser.com/adalyser.js?cid=betfred
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.55.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-55-98.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4a9b6603ef41adb1bea50a3b32b75d3cb2b3b836e78bcbdbcb2b71ac41b882a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
content-encoding: gzip
x-powered-by: Express
etag: "ce310b40ba31e4d4c1230269268cf316846b76fd"
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=21600
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 12183

GET
H2 200 hotjar-756744.js Show response
static.hotjar.com/c/ 10 KB
4 KB 225ms
47ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-756744.js?sv=6

Requested by

Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

2ae4986fc951ed8f8ee835722954ae72559ee2e3d454c1432c291f9ef48e31bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 38
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/423966e86f0d9ca7ab781e51d584a90f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: Cu6GHQ1j4fINkC06NjQaaGtOTeyvmB3YbeMf8afpZCwnEn0-7lfh2g==

GET
H2 200 eum.min.js Show response
eum.instana.io/ 27 KB
10 KB 214ms
51ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a6fdd83eb858f126fc5b8c408c0bf49fda96e9dedb44d893d88932cc40294d

Request headers

Referer: https://promotions.betfred.com/
Origin: https://promotions.betfred.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 86303
etag: -724079698--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *
cf-ray: 8110f2b6ec66459f-LHR

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 249ms
52ms Script
application/x-javascript 2600:9000:214f:7800:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:12:18 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2023 22:12:08 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 1914
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: L5MzqjjJnVw23YU41L2GZVw8DKitHK15vcEso7w0YdDGafImZKnoHA==
expires: Wed, 04 Oct 2023 23:12:18 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

519ms
52ms

Script
application/javascript

146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-eddf8230094-FRA

Redirect headers

Date: Wed, 04 Oct 2023 22:44:12 GMT
Server: ECS (lhb/63DD)
x-tw-cdn: VZ
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length: 0

GET
H/1.1 200
OK cooladata-latest.min.js Show response
cdn.cooladata.com/tracking/ 14 KB
6 KB 153ms
36ms Script
application/javascript 151.101.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cooladata.com/tracking/cooladata-latest.min.js
Requested by: Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95cd3e5597b8644d0284aa92f248141c5d5b3d4f0a1832714ee87df97e585362

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Date: Wed, 04 Oct 2023 22:44:12 GMT
Content-Encoding: gzip
Via: 1.1 varnish
x-amz-request-id: 2DNDSB12XYTQ9F6A
Age: 40249
X-Cache: HIT
Connection: keep-alive
Content-Length: 5321
x-amz-id-2: j1mUhaMSTlKuFWLQD2Ig485xXO3DAetEgOY9VGjAcjN2A4eXELl9CW6Wag0DfKhYykQ24PelLsU=
X-Served-By: cache-lcy-eglc8600031-LCY
Last-Modified: Sun, 19 Feb 2023 11:30:28 GMT
Server: AmazonS3
X-Timer: S1696459452.006044,VS0,VE0
ETag: "89650b982e86954d0c92046b6731f0ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 10144

GET
H2 200 landingpage Show response
zz.connextra.com/dcs/tagController/tag/023486a1c64b/ 46 KB
16 KB 575ms
378ms Script
text/javascript 104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/dcs/tagController/tag/023486a1c64b/landingpage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: a0ba3e3097b23987e4e2a5279113d5bddb7c233913300712db641f2408301395

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: must-revalidate, max-age=25
x-envoy-upstream-service-time: 3
content-length: 16437
expires: Wed, 04 Oct 2023 22:44:37 GMT

GET
H2 200 UAParser.min.js Show response
content.betfred.com/js/ 18 KB
18 KB 592ms
403ms Script
application/javascript 52.213.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.betfred.com/js/UAParser.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.159.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-159-54.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 28427c925e32a073ed3f709293ee57a30f42ee033b4d4d13ae646374baf064ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
last-modified: Thu, 28 Sep 2023 12:53:01 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "6515772d-48aa"
content-length: 18602
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
87 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VDC5SRZCK7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

920af9f6ee8eec980e21e5ecd4d275fee137ffb3768ab9f0a60cee539a109b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 22:44:11 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
154 B 52ms
52ms Ping
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VDC5SRZCK7&gtm=45je3a20&_p=507467438&cid=2136369939.1696459452&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696459451&sct=1&seg=0&dl=https%3A%2F%2Fpromotions.betfred.com%2F&dt=Betfred%20Casino%20%7C%20Casino%20Welcome%20Offer&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.IA_btag=affiliateId%3D101783%26trackingSystem%3DIA%26trackingString%3Da_109111b_c_d_778232951&ep.hostname=promotions.betfred.com&ep.isApp=false&ep.screenResolution=1600x1200&ep.platform=promotions.betfred&up.platform=promotions.betfred
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDC5SRZCK7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betfred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VDC5SRZCK7&gtm=45je3a20&_p=507467438&cid=2136369939.1696459452&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1696459451&sct=1&seg=1&dl=https%3A%2F%2Fpromotions.betfred.com%2F&dt=Betfred%20Casino%20%7C%20Casino%20Welcome%20Offer&en=page_view&_c=1&ep.IA_btag=affiliateId%3D101783%26trackingSystem%3DIA%26trackingString%3Da_109111b_c_d_778232951&ep.hostname=promotions.betfred.com&ep.isApp=false&ep.screenResolution=1600x1200&ep.platform=promotions.betfred&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDC5SRZCK7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betfred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 11006811.js Show response
bat.bing.com/p/action/ 0
116 B 44ms
44ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/11006811.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 04 Oct 2023 22:44:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58E1EF8B92C04B4D8174DE78CF2EFB18 Ref B: LTSEDGE2114 Ref C: 2023-10-04T22:44:11Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 997ms
997ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11006811&tm=gtm002&Ver=2&mid=dd735b6e-60ab-436b-b125-a4d2372684c1&sid=899b0290630711eea90c89b0760f7f2d&vid=899b3ed0630711ee81c725e5eaa07e4f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Betfred%20Casino%20%7C%20Casino%20Welcome%20Offer&p=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&r=&lt=1380&evt=pageLoad&sv=1&rn=945859

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:44:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A82A74A80FFF4844B94D2E261CF62810 Ref B: LTSEDGE2114 Ref C: 2023-10-04T22:44:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 21:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 04 Oct 2023 23:49:43 GMT

GET
H2 200 255853444587610 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 560ms
560ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/255853444587610?v=2.9.132&r=stable&domain=promotions.betfred.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d4c4c1cb17b11010d91eb25eed4db4247727657fdcbbf299059d0e85fbf80bd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 22:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: P+9q/XX776yJPapvDRBRa0AOZ1N7ZAAXiJIEP5narbbnnI3stk++nlvypG9uT9AQi20khStCO5kThpRiYshUvg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 720ms
99ms Ping
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06724116853282744&referrer=&cht=gtm&marketerId=00d1d9652af0c4fb81e7f700ffd35c466c&name=PAGE_VIEW&dl=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Date: Wed, 04 Oct 2023 22:44:12 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 5c2ac44e7b9070f13a5aaa61caf43454
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 721ms
100ms Script
application/javascript 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00d1d9652af0c4fb81e7f700ffd35c466c
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Date: Wed, 04 Oct 2023 22:44:12 GMT
content-encoding: br
X-TraceId: 47347e2792520651c29f2f027bd276d6
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00d1d9652af0c4fb81e7f700ffd35c466c Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 511ms
379ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00d1d9652af0c4fb81e7f700ffd35c466c
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Date: Wed, 04 Oct 2023 22:44:12 GMT
Content-Encoding: gzip
ob-sent-time: 1696402299478
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: GB
Connection: keep-alive
X-TraceId: cc84e14c9a3aa482e6c42d505a33f924
Content-Length: 22
Expires: Wed, 04 Oct 2023 22:45:12 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1011 B 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Oct 2023 23:25:38 GMT

GET
H2 200 __cool.gif
api.cooladata.com/egw/5/c3z68i4445e612jthaha2yr03ax571rm/track/ 0
318 B 499ms
378ms Image
image/gif 35.241.11.19
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.cooladata.com/egw/5/c3z68i4445e612jthaha2yr03ax571rm/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg3LjAuNDI4MC4xNDEgU2FmYXJpLzUzNy4zNiBPUFIvNzMuMC4zODU2LjM0NCIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkJldGZyZWQgQ2FzaW5vIHwgQ2FzaW5vIFdlbGNvbWUgT2ZmZXIiLCJwYWdlX3VybCI6ICJodHRwczovL3Byb21vdGlvbnMuYmV0ZnJlZC5jb20vIy9hZmZpbGlhdGVzL2Nhc2luby9DQVNJTk8yMDA/JnNpdGVpZD0xMDkxMTEmcmVmZXJyZXI9JmNsaWNrPTc3ODIzMjk1MSIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4yMiIsImV2ZW50X25hbWUiOiAicGFnZV9sb2FkIiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTY0NTk0NTIwNDEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAxLCJ1c2VyX2lkIjogIjE4YWZjZGNlZTg3M2MzLTAyN2EyYjZiZGU1NDE5LTRlNTI0NjUxLTFkNGMwMC0xOGFmY2RjZWU4ODEyNmYifQpdfQ==
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.11.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 19.11.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-me: prod-instance-gatewayservice-green-kdsv
date: Wed, 04 Oct 2023 22:44:12 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 modules.d1a287a63a306981f0b9.js Show response
script.hotjar.com/ 224 KB
55 KB 562ms
52ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d1a287a63a306981f0b9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-756744.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

c056d49f632f2452cc7ba60354b5645fc7042bf4c24c213ca291d4cf2dd17408

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 16:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 23406
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55808
last-modified: Wed, 04 Oct 2023 16:13:57 GMT
etag: "c8672aad8670da4e902b5a8ba28e2f7a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SIBmeT04ay1C0ZMfi-UqG2tJjdGR02D5zwqRX1YJLSslOE65w_dMew==

GET
H2 200 p
c5.adalyser.com/tracking/track/v3/ 43 B
341 B 68ms
68ms Image
image/gif 54.216.55.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c5.adalyser.com/tracking/track/v3/p?stm=1696459452080&e=lce1&url=https%3A%2F%2Fpromotions.betfred.com%2F&cid=betfred&p=%7B%22a1%22%3A%22Session%22%2C%22et%22%3A1696459452078%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%226681afbb-c617-4dd2-a14d-428b58d1c0dd%22%2C%22duid%22%3A%226e9fcc13-aed8-4ca0-8ca9-0e16a30d4330%22%2C%22cw%22%3A1696459452078%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.141%20Safari%2F537.36%20OPR%2F73.0.3856.344&domain=promotions.betfred.com
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.55.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-55-98.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
x-powered-by: Express
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 44ms
43ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=507467438&t=pageview&_s=1&dl=https%3A%2F%2Fpromotions.betfred.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Betfred%20Casino%20%7C%20Casino%20Welcome%20Offer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjCAAAACAEK~&jid=807990461&gjid=1575431338&cid=2136369939.1696459452&tid=UA-2859093-16&_gid=1690828099.1696459452&_r=1&_slc=1&gtm=45He3a20n51JH36&cd6=GTM-JH36&cd7=457&cd9=gtm.js&cd10=promotions.betfred.com&cd11=0&cd12=affiliateId%3D101783%26trackingSystem%3DIA%26trackingString%3Da_109111b_c_d_778232951&cd47=undefined&z=30950579&cd48=549

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betfred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ca.html Show response
20795173p.rfihub.com/ Frame 1D5D 2 KB
2 KB 505ms
36ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20795173p.rfihub.com/ca.html?ver=9&rb=24579&ca=20795173&_o=24579&_t=20795173&pe=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&pf=&ra=6016646717258172
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: c2d4b180dfc5d332922894ca75cd41c62364b96c1d412ba380b31e8a9b8efd07

Request headers

Referer: https://promotions.betfred.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 1677
Content-Type: text/html;charset=utf-8
Date: Wed, 04 Oct 2023 22:44:12 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
357 B 528ms
97ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2859093-16&cid=2136369939.1696459452&jid=807990461&gjid=1575431338&_gid=1690828099.1696459452&_u=aCDAAEAiCAAAACAEK~&z=792526470

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5c53afd068d6bb4a3a07d2769e06c241904fee0082f5af01e7b50f49d2a00d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.betfred.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=... Show response
adservice.google.com/ddm/fls/i/ Frame 0CE5 194 B
440 B 264ms
120ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F

Requested by

Host: 8373518.fls.doubleclick.net
URL: https://8373518.fls.doubleclick.net/activityi;dc_pre=CJ3jj_i73YEDFRwLogMd_nQOtQ;src=8373518;type=count101;cat=000un0;ord=1;num=9688382397587;auiddc=1798656248.1696459452;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromotions.betfred.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8373518.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:44:12 GMT
expires: Wed, 04 Oct 2023 22:44:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 242ms
101ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=255853444587610&ev=PageView&dl=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&rl=&if=false&ts=1696459452603&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696459452602.1007699250&ler=empty&it=1696459452021&coo=false&exp=a1&rqm=GET

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Oct 2023 22:44:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 1D5D
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%2...
https://p.rfihub.com/cm?pub=39342&in=0&userid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab37-aeeede2...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab...
https://idsync.rlcdn.com/501709.gif?partner_uid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&_=1696459453.144293
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPCZs3OyaH8XA1do5Cys3UU&google_cver=1

42 B
290 B

35ms
34ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPCZs3OyaH8XA1do5Cys3UU&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:13 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPCZs3OyaH8XA1do5Cys3UU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame 1D5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYzMDAwMzAyODE0OQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFme0bNBPuHqffpzXoY7gJ0&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab37-aeeede2...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630003028149&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8a4ba5e1-e066-4b74-ab...
https://idsync.rlcdn.com/501709.gif?partner_uid=8a4ba5e1-e066-4b74-ab37-aeeede2a8650%3A1696459453.1430328&_=1696459453.9250646
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6476700339460634249

42 B
60 B

33ms
33ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6476700339460634249
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:14 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:14 GMT
an-x-request-uuid: d47a7ce7-b1a6-41ca-9682-ac60fd1afdba
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6476700339460634249
x-proxy-origin: 194.74.212.110; 194.74.212.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 1D5D
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5109685630003028149
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630003028149

43 B
880 B

95ms
94ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630003028149

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
an-x-request-uuid: 744e1046-2810-4fb1-99e6-4bc3cc0b591b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.110; 194.74.212.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
an-x-request-uuid: 399a2729-b682-47cd-9bc1-a6454015d692
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630003028149
cache-control: no-store, no-cache, private
x-proxy-origin: 194.74.212.110; 194.74.212.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 1D5D 42 B
423 B 188ms
55ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5109685630003028149&r=
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 04 Oct 2023 22:44:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 1D5D 43 B
264 B 171ms
51ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685630003028149&r=
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 1D5D
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5109685630003028149&bid=omt9pi0

0
344 B

232ms
41ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5109685630003028149&bid=omt9pi0
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: HTTP/1.1
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Date: Wed, 04 Oct 2023 22:44:13 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5109685630003028149&bid=omt9pi0
Date: Wed, 04 Oct 2023 22:44:12 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 1D5D 53 B
615 B 369ms
234ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685630003028149

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:44:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 04 Oct 2023 22:44:12 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 1D5D 42 B
440 B 172ms
52ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5109685630003028149
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
partners.tremorhub.com/ Frame 1D5D 43 B
175 B 562ms
200ms Image
image/gif 2600:1f18:612b:4216:f83a:28a1:111d:1bc4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5109685630003028149&r=oXvKMMNF2eJM
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:f83a:28a1:111d:1bc4 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 04 Oct 2023 22:44:13 GMT
server: nginx
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 1D5D 43 B
146 B 209ms
60ms Image
image/gif 3.121.203.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685630003028149&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.203.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-203-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20795173p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 adsct
t.co/i/ 43 B
376 B 297ms
166ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=0203933d-f545-46c5-91b8-90c5dd5240ee&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c9e40257-a546-4c8d-a27f-eaf73da13448&tw_document_href=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2prp&type=javascript&version=2.3.29

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-response-time: 106
date: Wed, 04 Oct 2023 22:44:12 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: ffd69cacea862c8f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2114e535b41d024b560d0963d519e6225059475fd1de4edc8c26edc3548a9baf
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 284ms
158ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=0203933d-f545-46c5-91b8-90c5dd5240ee&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c9e40257-a546-4c8d-a27f-eaf73da13448&tw_document_href=https%3A%2F%2Fpromotions.betfred.com%2F%23%2Faffiliates%2Fcasino%2FCASINO200%3F%26siteid%3D109111%26referrer%3D%26click%3D778232951&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2prp&type=javascript&version=2.3.29

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-response-time: 107
date: Wed, 04 Oct 2023 22:44:12 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 772da815a9899072
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f4889fa39ba18f912c14b880c0ebe75cb137235b0212fee93408b22281a5718e
content-length: 43

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 213ms
67ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2859093-16&cid=2136369939.1696459452&jid=807990461&_u=aCDAAEAiCAAAACAEK~&z=1748082741

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.br/ads/ 42 B
408 B 238ms
77ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.br/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2859093-16&cid=2136369939.1696459452&jid=807990461&_u=aCDAAEAiCAAAACAEK~&z=1748082741

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 023486a1c64b Show response
zz.connextra.com/Betfred/dcs/tagController/tagData/ 0
535 B 70ms
70ms XHR
text/plain 104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/Betfred/dcs/tagController/tagData/023486a1c64b
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:13 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
access-control-allow-origin: https://promotions.betfred.com
content-type: text/plain
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 20
expires: Wed, 04 Oct 2023 22:44:13 GMT

GET
H2 200 seg
secure.adnxs.com/ Frame 5474 43 B
840 B 99ms
96ms Image
image/gif 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=16759969&t=2

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:13 GMT
an-x-request-uuid: 0835470c-6c5e-4798-9b66-1b345ba64f31
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.110; 194.74.212.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

6476700339460634249
zz.connextra.com/sync/data/uid/3bc1d7fd2e/ Frame A675
Redirect Chain

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/6476700339460634249

43 B
413 B

84ms
84ms

Image
image/gif

104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/6476700339460634249
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:13 GMT
content-encoding: gzip
server: istio-envoy
vary: accept-encoding
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 1
content-length: 64
expires: Wed, 04 Oct 2023 22:44:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:13 GMT
an-x-request-uuid: f9ff8e36-da82-4ad3-941d-06e2a815f708
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/6476700339460634249
x-proxy-origin: 194.74.212.110; 194.74.212.110; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 0E37
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value=&_bee_ppp=1

43 B
796 B

38ms
38ms

Image
image/gif

52.50.95.29

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value=&_bee_ppp=1

Requested by

Host: promotions.betfred.com
URL: https://promotions.betfred.com/

Protocol

HTTP/1.1

Server

52.50.95.29 -, , ASN (),

Reverse DNS

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
Date: Wed, 04 Oct 2023 22:44:13 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-2403&value=&_bee_ppp=1
Date: Wed, 04 Oct 2023 22:44:13 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

AAESbU7KO9UAABepFBoRpw
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame EB79
Redirect Chain

https://match.prod.bidr.io/cookie-sync/geniussports
https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAESbU7KO9UAABepFBoRpw

43 B
413 B

93ms
93ms

Image
image/gif

104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAESbU7KO9UAABepFBoRpw
Requested by: Host: promotions.betfred.com
URL: https://promotions.betfred.com/
Protocol: H2
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:44:13 GMT
content-encoding: gzip
server: istio-envoy
vary: accept-encoding
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 1
content-length: 64
expires: Wed, 04 Oct 2023 22:44:13 GMT

Redirect headers

location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAESbU7KO9UAABepFBoRpw
Date: Wed, 04 Oct 2023 22:44:13 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 v2gtm_dataStream.min.js Show response
content.betfred.com/js/DataStream/ 17 KB
18 KB 38ms
38ms Script
application/javascript 52.213.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.betfred.com/js/DataStream/v2gtm_dataStream.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JH36&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.159.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-159-54.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: bc73d5e0c35caffaf54879a0b41a7448c5741ce44fd7a050ae5d748ae946f94c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://promotions.betfred.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date: Wed, 04 Oct 2023 22:44:13 GMT
last-modified: Thu, 14 Sep 2023 08:58:44 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "6502cb44-45ba"
content-length: 17850
content-type: application/javascript

POST batch_data
loaduk.betfred.com/ 0
0

OPTIONS batch_data
loaduk.betfred.com/ Frame 0
0

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ 0
190 B 242ms
43ms Ping
text/plain 34.240.57.208

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.57.208 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promotions.betfred.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 04 Oct 2023 22:44:14 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: loaduk.betfred.com
URL: https://loaduk.betfred.com/batch_data

Domain: loaduk.betfred.com
URL: https://loaduk.betfred.com/batch_data

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thecoolposts.com/	1970-01-20 23:59:55	Name: OAID Value: 04531421ab23a3d80208e3669d8940e4
thecoolposts.com/	1970-01-20 23:59:55	Name: oaidts Value: 1696459449
my.rtmark.net/	1970-01-20 23:59:55	Name: ID Value: 7dcbdb47c6404940ad579703fbddc19d
thecoolposts.com/	1970-01-21 00:50:19	Name: syncedCookie Value: true
thecoolposts.com/	1970-01-20 15:14:23	Name: reverse Value: 0sDivNde4oLSKfJ0BDqWu7FvmdpBx9S2X68gxXimc3s
thecoolposts.com/	1970-01-20 15:14:19	Name: prefetchAd_5154505 Value: true
.track.joyful-u.vip/	1970-01-20 15:15:45	Name: e90c5688-f303-43ee-8f72-7debe5243745-v4 Value: QJnZjzG5ZTeRKPH9hkaGbxDzBLfXUkhcqC-VeGbwFs0
.track.joyful-u.vip/	1970-01-20 23:59:55	Name: cc-v4 Value: 7NHsYeBR1Wa8E69mPDKK%2BIwG4knwwqtYZQbfvZf8jO452xsy2Vj6rIl0cnXBLojuuuOtq8PsOB6S0yj3zO2cJJXs6gsml1n3SgFVhMLs7BFXzgLYoasoOMnJ9stpOQzXo5zgtOvU6lF7S6k57BxvDg%3D%3D
bfpartners.click/	1970-01-20 15:14:26	Name: XSRF-TOKEN Value: eyJpdiI6IlV6bUZhc2t3VnRBNUd5RkVpL0tjcVE9PSIsInZhbHVlIjoidWlwWWNOckEwNlZoTXdQWEFOVzYvMjU0YVBCR1UxbCtoblBsbFdpcEkxUnM5cVRvT3ArUWF6dEZ1TG5EVFQ5QjYxZ0Z3QWpXZmp3U2FKTldORCs3Um9HNHpyZnVsQlI0TGZ6UjJzK1RzUThQejd0S1BCc1gyRmUrNDBLQTNOaDEiLCJtYWMiOiJjYmJiYzQ1MjAxYmQ4NWIxMWVkNzEzYzdhYTJkNThjNWZkM2NhMmY3ZWVhYzZlZGU1ZDU2NjVhMjM1ZTY1NDA0IiwidGFnIjoiIn0%3D
bfpartners.click/	1970-01-20 15:14:26	Name: awa_app_session Value: eyJpdiI6IktIY1NQUS93WnNWYmc1WXhpVnN1RVE9PSIsInZhbHVlIjoidXZWbUp1VTBqN3NrQWhxRXl2aUhMVEFkY3BTNnNQS3FXaHZhYWNHVzZMMDhGSCtFZlc4UVJjZE0rMEpJb0tyZnI5cnFwU2FlcXRQalFOR0x1Z1luaW1EV09QUmdPNW1MUFl3ODk4aDVvUGxLWXo1a2tWbEdSWGxLaVhXY0oyNmEiLCJtYWMiOiI0MWNlNzcyMmRhZTM1ZmE3MTg1MmZiYTQ3NDVkOGRmMDZlMjllY2ZkMDQ2Zjc0ODI5NWY0MTdkNmFiYmYzNTNiIiwidGFnIjoiIn0%3D
bfpartners.click/	1970-01-20 15:15:45	Name: campaign_19_lp_59_aff_101783 Value: eyJpdiI6Im1FRTVwT1h4dW9RZndueXZHUkQzWEE9PSIsInZhbHVlIjoiYWJlbjNjSmlhZ0twRFBvdytPVko5ZnVQNHdnZkUrcWg2UExJaEpUeURoMmh2VFpURG9PN091UjlTemlFNU51dHlqVzFLMDZZWnI3YSt6YUNHRG9IZXc9PSIsIm1hYyI6IjFmMGI2OWYzODdkN2QwMDAzNjdkZDU5ZDVlODNiMjU0MmJmZmFmMTM0NDY5YzA3NzBiZTVhODZiYWU4Y2NlMDYiLCJ0YWciOiIifQ%3D%3D
bfpartners.click/	1970-01-20 15:57:31	Name: campaign_8 Value: eyJpdiI6ImZGWjdiOHBKK0xUN1RoYTZWOUl5a3c9PSIsInZhbHVlIjoiMWVhZ1JabUx2MlM5ZW1TbGtkWWhnbzlMRy9OU3B5Z2RsUDIzYjV4eFM4V3MwMm9GNHgyNGVoVzZJTlR6NERFdEFSUHdTK0hMNGwxNjF0Qjgyc3ZvWWw4NDFHUlRjZGJ0c0FvRjBjSFM4WDZoMkZqRm5EcHRDcnorR005enBIVDErai9VSHRIQ2lZVFIrR05OY3YyM1p3PT0iLCJtYWMiOiI1YmI5OTk4ZTYzM2EyZWU3ZmJiMTY1YjdhYjk0ZjVjZDA4MzE3OWI4ODFmZTljYmViODQ4NmVkMjBiM2M3ZDZjIiwidGFnIjoiIn0%3D
www.betfred.com/	1969-12-31 23:59:59	Name: X-Mapping-ecmdecah Value: 37C9D75118496566B75311A1084E3956
www.betfred.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0z1x3taw5e42mxznzxu1dgmv
.betfred.com/	1970-01-20 16:19:11	Name: BF_AffiliateTracking Value: affiliateId=101783&trackingSystem=IA&trackingString=a_109111b_c_d_778232951
.betfred.com/	1970-01-20 16:19:11	Name: IA_AffiliateTracking Value: AffiliateID=101783&BTAG=a_109111b_c_d_778232951
.betfred.com/	1970-01-20 16:19:11	Name: IA_AffiliateTracking_AffID Value: 101783
.betfred.com/	1970-01-20 16:19:11	Name: IA_AffiliateTracking_BTAG Value: a_109111b_c_d_778232951
.betfred.com/	1970-01-20 23:59:54	Name: visid_incap_2254385 Value: GueKR7vITKylef36Ms0kZLrqHWUAAAAAQUIPAAAAAADla9msH0Xf45AuoFINpZFq
.betfred.com/	1969-12-31 23:59:59	Name: nlbi_2254385 Value: r6PVdYgifGuy/7pLsk94AQAAAACsc/Y2W3WnX5GjMKsUhTZ2
.betfred.com/	1969-12-31 23:59:59	Name: incap_ses_151_2254385 Value: +cfiKu4faEfcxXtBOnYYArrqHWUAAAAAgYJpF0Ue8Wsan4IxpozqZQ==
www.betfred.com/	1970-01-20 15:14:19	Name: incap_wrt_323 Value: uuodZQAAAACtHXZYGgAIwwIQzYKQ6sUCGPbV96gGIAIoutX3qAYwBti9WQokeEG0BBoqdHfNUdM=
.betfred.com/	1970-01-20 23:59:54	Name: visid_incap_2382758 Value: nLaDOvDaTMSVcMCrlm+W3bvqHWUAAAAAQUIPAAAAAAB1BH5oNRmb8Ea0udlFpdCC
.betfred.com/	1969-12-31 23:59:59	Name: nlbi_2382758 Value: PsufMvSFOVIf9UEuPO0IowAAAAA1GPWZr8Q8HUttb0/CrooH
.betfred.com/	1969-12-31 23:59:59	Name: incap_ses_151_2382758 Value: f78XJKPqT2rnxXtBOnYYArvqHWUAAAAA9qy0GS0e1NQqPZDYh5zwOg==
.betfred.com/	1969-12-31 23:59:59	Name: nlbi_2382758_2147483392 Value: di/1Mi5UwyC2CyTvPO0IowAAAAA4EGt6AdRrxzpXUKuJS3do
.betfred.com/	1970-01-20 17:23:55	Name: _gcl_au Value: 1.1.1798656248.1696459452
.betfred.com/	1970-01-20 23:59:55	Name: RavenClickId Value: 778232951
.promotions.betfred.com/	1970-01-20 15:57:31	Name: reese84 Value: 3:p9lVELlnhbNs7Z1YcpTb3w==:e/daN2Kcdd3lFwDAsM4zAPaAQYE9JPVGBQf1gW8EwSn6MZlPdvW2dCTXODVhaC0eqTfK5R1tUfxPhKtc2BJtkDLSaRGkeZw9zbgmIWOvbY2fOpG2AJPA7WtF9d2935a+xB/poOfl9RtD2Zck/j/KSHKVKCeiJv13gUM4vF9y4cKpvzncYoFBfKvAv/lAc72FQ3E1IIhkGtsyP16Hy6MCYV99s3y+GEnxbEwcURwY6Sw8OnJ+3ocL529Fj6N0wW3v2aIPfYqf40IfRxfDp4pmdGmG1D5A6zhy4Np/aJPzXvY+Ahf5WJl1chRPra4d0ggW0rsiZyoGtiUpJ2B2u+55gJdyG+EaCvRAOu2nyvoqk4PHohgnI3+hmLDfNtqMlCuvwx4XAEf9hogwpLnhXd6kDdMYNEmbuOC4hXpQozzZcpnj9TNkN0GP6uNraURLBU9kavi/wgT+2mKTQHzQJ2CmJzBjsjLysfeEM8a59wauL1yH11UvrSgb0LNKIpihZe5tognsKqOTFOfwGnePYJ00JUaQXaX+vL4TNG1Pnq7HKkcrW7Is9pGTX16Wo1dE5/Q1vlSwk2j11qD6KVfLzCtbbw==:ul5zDOWMVeQjgZivXZAmAI6W56H+EnF/EYNjctBW2ic=
.betfred.com/	1970-01-21 00:50:19	Name: _ga_VDC5SRZCK7 Value: GS1.1.1696459451.1.1.1696459451.0.0.0
.betfred.com/	1970-01-20 15:15:45	Name: _uetsid Value: 899b0290630711eea90c89b0760f7f2d
.betfred.com/	1970-01-21 00:35:55	Name: _uetvid Value: 899b3ed0630711ee81c725e5eaa07e4f
.betfred.com/	1970-01-21 00:50:19	Name: _ga Value: GA1.2.2136369939.1696459452
.betfred.com/	1970-01-20 15:15:45	Name: _gid Value: GA1.2.1690828099.1696459452
.betfred.com/	1970-01-20 23:59:55	Name: cd_user_id Value: 18afcdcee873c3-027a2b6bde5419-4e524651-1d4c00-18afcdcee88126f
.betfred.com/	1970-01-20 15:14:21	Name: __adal_ses Value: *
.betfred.com/	1970-01-21 00:50:19	Name: __adal_id Value: 6e9fcc13-aed8-4ca0-8ca9-0e16a30d4330.1696459452.1.1696459452.1696459452.6681afbb-c617-4dd2-a14d-428b58d1c0dd
.betfred.com/	1970-01-20 19:33:31	Name: __adal_ca Value: so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29
.betfred.com/	1970-01-20 15:24:24	Name: __adal_cw Value: 1696459452078
.betfred.com/	1970-01-20 15:14:19	Name: _gat_UA-2859093-16 Value: 1
.betfred.com/	1970-01-20 17:23:55	Name: _fbp Value: fb.1.1696459452602.1007699250
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjAwMDYwsjA0sRTiM9R1La4KCvAvC46vjKgAAPLHOp0lAAAA
.rfihub.com/	1970-01-21 00:35:55	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjAwMDYwsjA0sRTiM9R1La4KCvAvC46vjKgAAPLHOp0lAAAA
.betfred.com/	1970-01-20 23:59:55	Name: _hjSessionUser_756744 Value: eyJpZCI6ImRjNGUyOGQ5LWQyZDItNTIyMS1iNTlkLWQ3MjU2N2Y3OGYxMyIsImNyZWF0ZWQiOjE2OTY0NTk0NTI2ODAsImV4aXN0aW5nIjpmYWxzZX0=
.betfred.com/	1970-01-20 15:14:21	Name: _hjFirstSeen Value: 1
.betfred.com/	1970-01-20 15:14:19	Name: _hjIncludedInSessionSample_756744 Value: 0
.betfred.com/	1970-01-20 15:14:21	Name: _hjSession_756744 Value: eyJpZCI6IjU5N2M3MjI2LTczZTQtNDBjOS05ZmMyLWI2ZjBjZjgxYmFkMyIsImNyZWF0ZWQiOjE2OTY0NTk0NTI2ODEsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.betfred.com/	1970-01-20 15:14:20	Name: _hjAbsoluteSessionInProgress Value: 0
promotions.betfred.com/	1970-01-20 15:14:19	Name: outbrain_cid_fetch Value: true
.rlcdn.com/	1970-01-20 23:59:55	Name: rlas3 Value: LvXXxxCUaFDISICd4bat5gCu85y0DS2FJj049IwyD14=
.rlcdn.com/	1970-01-20 16:40:43	Name: pxrc Value: CAA=
.pubmatic.com/	1970-01-20 17:23:55	Name: KRTBCOOKIE_18 Value: 22947-5109685630003028149
.pubmatic.com/	1970-01-20 15:57:31	Name: PugT Value: 1696459452
.rfihub.com/	1970-01-21 00:35:55	Name: eud Value: H4sIAAAAAAAA_5vFyGtoZmlmYmppYmpkZmC6CY2_C41_Co3_Co2_iAmVv4oFlX8LmW9hbLyLG1UeAGeJVuKQAAAA
.adnxs.com/	1970-01-20 17:23:55	Name: uuid2 Value: 6476700339460634249
.twitter.com/	1970-01-21 00:50:19	Name: personalization_id Value: "v1_wQf4sUUFKqVwS86w9uRnmw=="
.t.co/	1970-01-21 00:50:19	Name: muc_ads Value: cb060b4b-c881-4368-a6d1-79f1f61153fe
.bing.com/	1970-01-21 00:35:55	Name: MUID Value: 35EABE15EDE069460660ADB5ECF568B3
.media.net/	1970-01-20 23:59:55	Name: visitor-id Value: 3394610528395066000V10
.media.net/	1970-01-20 23:58:29	Name: data-rk Value: 5109685630003028149~~3
.connextra.com/	1970-01-20 23:59:55	Name: Betfred Value: P%7Clandingpage%7C1%7C202310042344
.doubleclick.net/	1970-01-21 00:35:55	Name: IDE Value: AHWqTUkAjYqVmAAuOO73TO3j_LfQoOhERSpU_PcZ9hr5Af4UMPfMTK8Aqmm_dErbEwM
.adnxs.com/	1970-01-20 17:23:55	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2Ilhjgg:j!cEwK#MP7J(Ed5b>w-/6ldPB$
.eyeota.net/	1970-01-20 15:14:20	Name: SERVERID Value: 20535~DM
.connextra.com/	1970-01-20 23:59:55	Name: CxtId Value: d7d61b62-3abd-4993-bf10-b04bdfec4873

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20795173p.rfihub.com
8373518.fls.doubleclick.net
a.rfihub.com
adservice.google.com
amplify.outbrain.com
analytics.twitter.com
api.cooladata.com
bat.bing.com
bfpartners.click
c1.rfihub.net
c5.adalyser.com
cdn.cooladata.com
cm.g.doubleclick.net
connect.facebook.net
content.betfred.com
contextual.media.net
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
live.rezync.com
loaduk.betfred.com
match.prod.bidr.io
my.rtmark.net
p.rfihub.com
partners.tremorhub.com
platform.twitter.com
promotions.betfred.com
ps.eyeota.net
script.hotjar.com
secure.adnxs.com
segment.prod.bidr.io
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
thecoolposts.com
tr.outbrain.com
track.joyful-u.vip
us-u.openx.net
wave.outbrain.com
widget.trustpilot.com
www.betfred.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.br
www.googletagmanager.com
x.bidswitch.net
zz.connextra.com
loaduk.betfred.com
104.102.33.171
104.244.42.197
104.244.42.3
13.32.27.21
13.32.27.83
139.45.195.8
139.45.197.155
142.250.186.38
146.75.116.157
151.101.192.64
18.169.7.0
18.195.128.171
18.66.97.37
184.30.17.67
185.64.191.210
185.89.210.90
193.0.160.131
216.58.212.130
2600:1f18:612b:4216:f83a:28a1:111d:1bc4
2600:9000:214f:7800:1:76cf:fe80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:cc16
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:400c:c03::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.121.203.109
34.240.57.208
35.241.11.19
35.244.159.8
35.244.174.68
45.60.124.248
52.208.23.16
52.213.159.54
52.222.236.71
52.50.95.29
52.57.150.20
54.216.55.98
64.202.112.127
95.101.148.20
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
077a92693443ef070ab944030acb8c029fdd14ae1a00661eba95e4a787fdcdce
0f5150ebcec013ee414667aac35db661d087f75a8cc828646d1bfc800b1d19ea
140cd69f754cfa3dbb5bca01f63cf58fdd7cd91cd4a53ec2cb4b90ef932859c8
14b64c551f4792edf6c67f0870f03aa99d611723c2dc195cdb882e74af49c4a5
1ceb5e231d7c844a6139dda7acf2de2027a58b3606b96aacc41f4ce3578a5261
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fd9691fceaa2c9bc521bc83425e191ffa8de6f5760af12cb2ed5d95baaa9f25
2038b9bcd9449d18aa40aebf7576f811ab71c189a02042da161bcb388ff39171
211017ca63a38d9a1ae3d0798dc1820dfc8737563da52bd6301834c0b7606f48
217245e8c0011173e560ba89836d67478d6bf6cace73b5e6fef90784eaaf0494
28427c925e32a073ed3f709293ee57a30f42ee033b4d4d13ae646374baf064ce
28a6fdd83eb858f126fc5b8c408c0bf49fda96e9dedb44d893d88932cc40294d
2a133a86345d29299c0ccb2cef9c2d489de3401500e48e70278a9394b842a449
2ae4986fc951ed8f8ee835722954ae72559ee2e3d454c1432c291f9ef48e31bd
2d4c4c1cb17b11010d91eb25eed4db4247727657fdcbbf299059d0e85fbf80bd
2deccb33aced35213cd65ccad864a82e7f455063ad34ce6d3d47512824c98e0b
3732b83f985bb8e4e90898dfd56e71318746180593a48617d1c792dd4baa9a85
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49ba8bae55c461b876e2a0ed7dd0235c348793102854ef20d8cf0697cbce5640
4a9b6603ef41adb1bea50a3b32b75d3cb2b3b836e78bcbdbcb2b71ac41b882a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb9ba6761454eb812b6ac09519f152111e1aa4362a9a058cfa65bf7f467585a
4da15d775e44eb702696f425f44a87345ebb301bd5c1316b3c5cd02d26cab564
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a374a8e8d9824258838ff857a6a9d97ae0e27218aacd985fb62398cda4ce821
5c53afd068d6bb4a3a07d2769e06c241904fee0082f5af01e7b50f49d2a00d2a
6262eb83bf9bb03671083af066f83b5c77cfe80ad86cbc7419b426bc906bbb1c
64ccae169b65d2a17d9c113306fa2103d68fd9388bb0e1433f0114ff9db11ce8
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7
699f4187958dea821d9016580d6996602e1a95ea84ed1916b75b9b523bf58d99
6dfdebddfad26ae0bf08084f16abc4f1f5b3e04214837c0b88af504618b23648
6eddec1bb240c51a3d3d2bcaa7c2462f6ffc4a6113014d3b6a3b3a14fe843b1f
6ffc5038d265294e930bd45f0520a23239037b6bddcf02b2c87da15dad7b656c
749a72a12afd7ef26346e840dec992ac8c48572199abdbf351effbbedf245dee
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
81b7dab652dd4e7c14c2d6028770729060df1221e3185fa393f62da19e30e46b
82790497c307b41633edf02f7dbf38bafb54b2f8923132be437e1a857a4c9fba
8cd5765c2b3a630a17c882b9c376fac006c5810d7123d620a94e11442d8df0d4
91ca49847ee545f5c5b2279193dd91e4608456503fc322470596b6041b5b9272
91cc30a4f66cfb37a69b3ea2cd65e1cb5f903d2eea7bff78629df9640d4d5e55
920af9f6ee8eec980e21e5ecd4d275fee137ffb3768ab9f0a60cee539a109b24
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95cd3e5597b8644d0284aa92f248141c5d5b3d4f0a1832714ee87df97e585362
9c5ad4608696e74ae9a26e1749ed8216753dc0b4810906fc61c34ea2b8ff732f
9c75420e20779358e84b56e56eb7758ae698c8bed3f65ff31fab7f2a23cd34eb
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e4f71ad39708f30f53d43a3d809c26b7e94c5edb108bff46d9f85879abf42ae
9ecdd0af9a397233fd167c920e5fc440fe6bf713916dbb6669fe67d0b253fa46
a035e4af683292e1d570d9a0dea61eea4e4c181c3084023bb619fa0b418a14d2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ba3e3097b23987e4e2a5279113d5bddb7c233913300712db641f2408301395
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a879696985aae26611548e2b28948746c16d8d84fc005330d49a6ea63a3d65e9
aa7b681d1723c56f2d9d4dcccf718c5af5da7812da78d1407363e5cd884a9982
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
b64c3c9c16ad322ac7265b54925a2d402f93a475664875b8c3c6e8bdce3c35a8
b7894b5192e70291b046d48e83d22a1986248799d65e28797e3554a8fbc3946b
badd919d133c0ac5c0186ea595736554b37d46674be5f6a3dc62e45797f63467
bc73d5e0c35caffaf54879a0b41a7448c5741ce44fd7a050ae5d748ae946f94c
c056d49f632f2452cc7ba60354b5645fc7042bf4c24c213ca291d4cf2dd17408
c2d4b180dfc5d332922894ca75cd41c62364b96c1d412ba380b31e8a9b8efd07
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d8684f3bf690ac1c5728552ed8bff5f18fb8db87e81f79084b55e6f28ebff2d0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de85157d2fdc7accb91dc40d23d5e90aa9a6fdea491c50f8cb23af15e0dbec62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52769f8418ece004d856f3afede8b9a8a0b2f9f3cfcdd558de2279d734f8d02
ecad28053dfe2183a6127e7bbfc8c89f7d0af339bab7cc86933def741fb0e21e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcf4f43ea254e94ef3e6946374edd20e5746ecda5aaec9df151d0cade500db65
fe51ed16a92cc9a703010e3a9075d13f802aea041fe83e920374c1de06cb1121

promotions.betfred.com Open in urlscan Pro 45.60.124.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

91 %HTTPS

30 %IPv6

36 Domains

52 Subdomains

41 IPs

5 Countries

1761 kBTransfer

4897 kBSize

65 Cookies

19 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promotions.betfred.com Open in urlscan Pro
45.60.124.248 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

91 %
HTTPS

30 %
IPv6

36
Domains

52
Subdomains

41
IPs

5
Countries

1761 kB
Transfer

4897 kB
Size

65
Cookies

108 HTTP transactions
2 data transactions