Submitted URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Effective URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred....
Submission: On February 26 via api from LU — Scanned from GB

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 51 HTTP transactions. The main IP is 45.60.124.248, located in United States and belongs to INCAPSULA, US. The main domain is www.betfred.com. The Cisco Umbrella rank of the primary domain is 237116.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on December 23rd 2023. Valid for: 6 months.
This is the only time www.betfred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 139.45.197.151 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
18 139.45.197.251 9002 (RETN-AS)
1 3 23.53.41.81 20940 (AKAMAI-ASN1)
1 139.45.195.253 9002 (RETN-AS)
1 1 18.195.128.171 16509 (AMAZON-02)
1 1 13.43.77.33 16509 (AMAZON-02)
4 45.60.124.248 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.72.134.33 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
51 10
Apex Domain | Subdomains | Transfer
18 jouteetu.net | jouteetu.net — Cisco Umbrella Rank: 31094 |
17 thecoolposts.com | thecoolposts.com | 74 KB
6 betfred.com | www.betfred.com — Cisco Umbrella Rank: 237116; content.betfred.com — Cisco Umbrella Rank: 388232 | 83 KB
4 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 11764 | 2 KB
3 ocoaksib.com | ak.ocoaksib.com — Cisco Umbrella Rank: 119976 | 16 KB
2 gstatic.com | fonts.gstatic.com | 31 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 32 | 1 KB
1 bfpartners.click | bfpartners.click — Cisco Umbrella Rank: 307364 | 3 KB
1 joyful-u.vip | track.joyful-u.vip — Cisco Umbrella Rank: 339010 | 613 B
1 datatechone.com | datatechone.com — Cisco Umbrella Rank: 42429 | 468 B
51 10
Domain Requested by
18 jouteetu.net thecoolposts.com
17 thecoolposts.com thecoolposts.com
4 www.betfred.com www.betfred.com
4 my.rtmark.net thecoolposts.com
ak.ocoaksib.com
3 ak.ocoaksib.com 1 redirects thecoolposts.com
ak.ocoaksib.com
2 fonts.gstatic.com fonts.googleapis.com
2 content.betfred.com www.betfred.com
1 fonts.googleapis.com www.betfred.com
1 bfpartners.click 1 redirects
1 track.joyful-u.vip 1 redirects
1 datatechone.com ak.ocoaksib.com
51 11

This site contains no links.

Subject | Issuer | Validity | Valid
thecoolposts.com | R3 | 2024-02-21 - 2024-05-21 | 3 months
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
jouteetu.net | R3 | 2024-02-24 - 2024-05-24 | 3 months
ak.hetaruwg.com | R3 | 2024-02-22 - 2024-05-22 | 3 months
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-10 - 2024-12-23 | a year
imperva.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-12-23 - 2024-06-20 | 6 months
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.betfred.com | Amazon RSA 2048 M02 | 2023-10-22 - 2024-11-19 | a year
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months

This page contains 2 frames:

Primary Page: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
Frame ID: E11FD8614DA8C19241E0642F3C52A82F
Requests: 47 HTTP requests in this frame

Frame: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=8-37929663-0%200NNN%20RT%281708948886194%2054%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=259001490267812080-211854875414439240&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Frame ID: 1DE590A02E6B640EBDC3CF3BD95DEFDB
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

51 Requests
100 % HTTPS
18 % IPv6
10 Domains
11 Subdomains
10 IPs
4 Countries
206 kB Transfer
487 kB Size
19 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015 Page URL
  2. https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2 Page URL
  3. https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949 Page URL
  4. https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=6118780&subzone_id=0&browserversion=73&osversion=win10&user_activity=high&bannerid=14185211&isp=vodafone%20limited&zone_type={zone_type}&request_var=5154505&survey_exit_type=not_survey&cost=0.001500&visitor_id=785951194328863289 HTTP 302
    https://bfpartners.click/o/6ZilUo?site_id=109112&s2=Welcome40&s2=wm6b52eiq8l0g4fvib8dma38 HTTP 302
    https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
thecoolposts.com/
41 KB
18 KB
Document
General
Full URL
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
d09cbfcabdd72c882716754881ed4745884b4b8d8841af2496b4bd9dd85b3fc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:01:24 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=c1c188677109b9e938e76faaaf664949
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
19b7a2c8a071969afa16c2af65719d3a77c7667e009b7110d09751d5dd3be910
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thecoolposts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
thecoolposts.com/pfe/current/
34 KB
12 KB
Script
General
Full URL
https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
82d8362b37eb75953222f757b3f69b712f2fcc1b6cf31f7948e9636915db4f05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:01:24 GMT
content-encoding
br
last-modified
Thu, 22 Feb 2024 14:38:38 GMT
server
nginx
etag
W/"65d75c6e-86e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
/
thecoolposts.com/19/5154505/
3 KB
2 KB
XHR
General
Full URL
https://thecoolposts.com/19/5154505/?abt_opts=1&var=3520015&var3=378562555951460825&ymid=&rhd=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
849f65afbef8846e53340a77b9cd12df12231e39957d0e851bc5cfc1372312ab
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
f72f77cd7e5da1210cd647e5515fa6dc
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

Content-Type
image/gif
/
thecoolposts.com/
2 B
307 B
XHR
General
Full URL
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&mprtr=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

2660706
thecoolposts.com/sw-check-permissions/
0
747 B
Other
General
Full URL
https://thecoolposts.com/sw-check-permissions/2660706?var=3520015&ymid=378562555951460825&uhd=1&zoneId=2660706
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
zone
thecoolposts.com/
0
258 B
Ping
General
Full URL
https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=5b1e811c-f5ae-4066-b1c1-a706bf3f12ad&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id
6837644dbd612bf91cfdfc271fda9942
date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://thecoolposts.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=2660706&checkDuplicate=true&ymid=378562555951460825&var=3520015
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2ac425b5a4a847138f5b7da3524715782783a19cbbfb71ccd4b0431e98b7f748
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thecoolposts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
rhd
thecoolposts.com/
2 KB
2 KB
Fetch
General
Full URL
https://thecoolposts.com/rhd?rb=9N0rwlEfOVk71ldOXXmb84cS2MmsddmuE66AXN8CUFj5oMn-cmxIvNi2cwtIBW8J47uSXsByWhJZkxB2ncMz9cQtHbPFyVZqqVoT5Zm51nTa2O6_k8fwO_P6vTUtT3p2IOcdczypK6bVmZQKvq879Xqu7OIl94Tz-XAWQOy0iqFMBtUvwdanW5AeMWuyHkpO0oPo-K4mMh1o9mbVj4V56mjr4LOHlH86DRfz-cYKdzixQ0hYoqPrz1CKMYGzZHACSvJ7AEj06oozckjoko_5oSN5VhIE-HhpGfxvsFQPRoJjIlafGhDWa6QUSyG0EmCR0YgGA6k-WMaXt_5k-hPAXdFWyabDu-4heiek3gaZW-b0Jlk3qwCiBK-otC_lv9LzAUYckUUorsNPmuADXaH5CR-D4PAhaed3C3H6EkwukU01lRfZMu8NnPkqV3QwZDj28UriNA%3D%3D&request_ab2=0&zoneid=5154505&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fthecoolposts.com%2F%3Fl%3DXKmG8ooqkNkREHl%26s%3D378562555951460825%26z%3D3520015&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=3520015&var3=378562555951460825&ymid=&rhd=1&m=link
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
18905114fdda83024eca8da289ad477224b476ed90f0127213054a15439d0de1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
f0dc6e75fe4a654333e7079616823b33
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
zone
thecoolposts.com/
803 B
735 B
Fetch
General
Full URL
https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=5b1e811c-f5ae-4066-b1c1-a706bf3f12ad&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6a4bb13600a8bb0e08d71d85b8cb563334894f7e3df049ea4e6dd2438cf034ae
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id
1f10bab4b0fe994de27bfbabe4b16e7a
date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
thecoolposts.com/
41 KB
18 KB
Document
General
Full URL
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
8a3dea3115935a513956eb3f3cbc8ff07b9f0a1060a2a259cb54cbdf62655da2

Request headers

Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 26 Feb 2024 12:01:24 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
thecoolposts.com/pfe/current/
34 KB
12 KB
Script
General
Full URL
https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
82d8362b37eb75953222f757b3f69b712f2fcc1b6cf31f7948e9636915db4f05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

pragma
no-cache
date
Mon, 26 Feb 2024 12:01:24 GMT
content-encoding
br
last-modified
Thu, 22 Feb 2024 14:38:38 GMT
server
nginx
etag
W/"65d75c6e-86e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
/
thecoolposts.com/19/5154505/
3 KB
2 KB
XHR
General
Full URL
https://thecoolposts.com/19/5154505/?abt_opts=1&var=3520015&var3=378562555951460825&ymid=&rhd=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e02ac2a86a4a03fa0810daef8d086937466ddaf4f0c598f6e335ce7180e88fd8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
49782d8c350f77e9d1590f617a6c483b
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
thecoolposts.com/
2 B
307 B
XHR
General
Full URL
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2&mprtr=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:24 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

2660706
thecoolposts.com/sw-check-permissions/
0
747 B
Other
General
Full URL
https://thecoolposts.com/sw-check-permissions/2660706?var=3520015&ymid=378562555951460825&uhd=1&zoneId=2660706
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:25 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

zone
thecoolposts.com/
0
258 B
Ping
General
Full URL
https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=c6d3bb39-97be-4caa-952c-93ff63a794a3&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id
cf7a44a3fd5b34fa614932440eeab92c
date
Mon, 26 Feb 2024 12:01:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://thecoolposts.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=2660706&checkDuplicate=true&ymid=378562555951460825&var=3520015
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2ac425b5a4a847138f5b7da3524715782783a19cbbfb71ccd4b0431e98b7f748
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thecoolposts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

rhd
thecoolposts.com/
2 KB
3 KB
Fetch
General
Full URL
https://thecoolposts.com/rhd?rb=y7rW0R5ri1iMiXHb_zzguyM1oW6ay-cDM5lLjADnNRIorJZ2hULTKcMqGWbgB5PPEqUjZQNJ_fK9upk50UF1_vjV1O4fh62ljfFzsjrjXgNNixgJy9MikixcPy_XwDe0Rms9EWK0fgFCrADJyq0z9wt4Na9gXCoW5eUNhIgU11p0A95_aAhzVHZgQ4im72WYxDj5XeKMZ2bfrRR27BUwBbZ9JQb2-ZUazxQNbuqrZb4JSisIpw2g4ig5-vQs_Wr8bUhkdwAYHbVH7MEaUVRVXBmFH_QfUHZTdLu3UhcBucTt9U0E37b-apKx3xzFfgUihUHcOOmPNYMm52pLR7wgXQs3HSCrpUpJ_-O638wYgOXoXCqIC9QtQ0n-e7EDbEIv9PslDoDcrBuwY-8MVXXczhRd69sd-I5tETfI0Q4xNJldPVXYL1CS6J1fUSAUvUnzrF7bWTfKNpQ%3D&request_ab2=0&zoneid=5154505&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fthecoolposts.com%2F%3Fl%3DXKmG8ooqkNkREHl%26s%3D378562555951460825%26z%3D3520015%26rdc%3D2&drf=https%3A%2F%2Fthecoolposts.com%2F%3Fl%3DXKmG8ooqkNkREHl%26s%3D378562555951460825%26z%3D3520015&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=3520015&var3=378562555951460825&ymid=&rhd=1&m=link
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b55acf7deefe0443e6308b46f2cfa522c58f1899129929876b8eee0ff3eacca
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
x-trace-id
343793789ba5c9cc2dd91627b238592e
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

zone
thecoolposts.com/
803 B
735 B
Fetch
General
Full URL
https://thecoolposts.com/zone?&pub=0&zone_id=2660706&is_mobile=false&domain=thecoolposts.com&var=3520015&ymid=378562555951460825&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=c6d3bb39-97be-4caa-952c-93ff63a794a3&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6a4bb13600a8bb0e08d71d85b8cb563334894f7e3df049ea4e6dd2438cf034ae
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

x-trace-id
76b20983c9077b79b48b0c22d47ef119
date
Mon, 26 Feb 2024 12:01:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/pfe/current/micro.tag.min.js?z=2660706&ymid=378562555951460825&var=3520015&sw=/sw-check-permissions/2660706&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thecoolposts.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

/
ak.ocoaksib.com/4/6118780/
33 KB
14 KB
Document
General
Full URL
https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.41.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-41-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a59e895a5f3ba1a41cdf04ed4b52a75ed2002643b642459479ccff25b673310d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13343
content-type
text/html; charset=utf8
date
Mon, 26 Feb 2024 12:01:25 GMT
expires
Mon, 26 Feb 2024 12:01:25 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
4f6aae0ebfec461b2abb68fff52332d0
cat.php
thecoolposts.com/
0
573 B
Ping
General
Full URL
https://thecoolposts.com/cat.php?userId=c1c188677109b9e938e76faaaf664949&zoneid=5154505&rb=y7rW0R5ri1iMiXHb_zzguyM1oW6ay-cDM5lLjADnNRIorJZ2hULTKcMqGWbgB5PPEqUjZQNJ_fK9upk50UF1_vjV1O4fh62ljfFzsjrjXgNNixgJy9MikixcPy_XwDe0Rms9EWK0fgFCrADJyq0z9wt4Na9gXCoW5eUNhIgU11p0A95_aAhzVHZgQ4im72WYxDj5XeKMZ2bfrRR27BUwBbZ9JQb2-ZUazxQNbuqrZb4JSisIpw2g4ig5-vQs_Wr8bUhkdwAYHbVH7MEaUVRVXBmFH_QfUHZTdLu3UhcBucTt9U0E37b-apKx3xzFfgUihUHcOOmPNYMm52pLR7wgXQs3HSCrpUpJ_-O638wYgOXoXCqIC9QtQ0n-e7EDbEIv9PslDoDcrBuwY-8MVXXczhRd69sd-I5tETfI0Q4xNJldPVXYL1CS6J1fUSAUvUnzrF7bWTfKNpQ=&var=3520015&var3=378562555951460825&ymid=&rhd=1
Requested by
Host: thecoolposts.com
URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 26 Feb 2024 12:01:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
0
x-trace-id
181f8348abd558b3e984e285509e063f
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thecoolposts.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
sftouch
ak.ocoaksib.com/
2 B
539 B
Ping
General
Full URL
https://ak.ocoaksib.com/sftouch?userId=c1c188677109b9e938e76faaaf664949&z=6118780&p_rid=f2eb1731-00ed-41e8-b366-90c0024b8941&p_src=sf&branchId=150041&rb=S3l19HxQfEG66fm4AOCpqve8GRPOtNPdNT5jz4wb5jGvfHynNDeryfa9DgfyT3CafG3tEijCBDOhppZiw0eMilkiI1i3Pvpc9jSSUvh8zoG_A-G0BkKQZpa6CNi3lT_EOI3YW3MVJQgs8wy1RDEkthwW5aIhm5qRxw7bVc3gSzFzEOxvLikRdPY7e-kF_k9HQzvVxRq2d56zwzPKLJPnqoqpXXFnQ7WZMhHVezAysUhskxjWJyZ8y43b0IDS00avcqSP719O6VUjCo77vXJs393hG3v53HK99eiFTLxTDBRJIsqznn7wEJvlMORnLg8An-ygLVAhyCg=
Requested by
Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.41.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-41-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security
max-age=1
date
Mon, 26 Feb 2024 12:01:25 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
d439d02c49c37f4c1b736c9c026a5854
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.ocoaksib.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Mon, 26 Feb 2024 12:01:25 GMT
img.gif
my.rtmark.net/
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=c1c188677109b9e938e76faaaf664949&z=6118780&p_rid=f2eb1731-00ed-41e8-b366-90c0024b8941&p_src=sf
Requested by
Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ak.ocoaksib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f2eb1731-00ed-41e8-b366-90c0024b8941
Requested by
Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://ak.ocoaksib.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 26 Feb 2024 12:01:26 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.ocoaksib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request tracking
www.betfred.com/affiliate/
Redirect Chain
  • https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false
  • https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=6118780&subzone_id=0&browserversion=73&osversion=win10&user_activity=high&bannerid=14185211&isp=vodafone%20limited&zone_type={...
  • https://bfpartners.click/o/6ZilUo?site_id=109112&s2=Welcome40&s2=wm6b52eiq8l0g4fvib8dma38
  • https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
812 B
1 KB
Document
General
Full URL
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
281067f3a3030225c712557c1ff1e0e445213a3b6499e91cff4e2b98c9546e04

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ak.ocoaksib.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-length
812
content-type
text/html
x-iinfo
8-37929663-0 0NNN RT(1708948886194 54) q(0 -1 -1 0) r(0 -1) B16 U5
x-incap-sess-cookie-hdr
xthIG5+XMDjwsLWveyiYA5Z93GUAAAAAQQx+fqzFDU5oGro4+5gvXw==

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
1158
Content-Security-Policy
default-src 'self' ;script-src 'self' 'unsafe-inline' data: *.googleapis.com *.twitter.com *.facebook.net www.googleadservices.com www.gstatic.com www.google.com google.com google.co.uk http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io use.fontawesome.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com tagmanager.google.com maxcdn.bootstrapcdn.com cdn-images.mailchimp.com use.fontawesome.com fonts.bunny.net;img-src 'self' * data: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.bunny.net use.fontawesome.com;connect-src 'self' fonts.googleapis.com insights.hotjar.com wss://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;frame-src 'self' www.google.com vars.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;worker-src 'self' self blob: 'unsafe-inline';
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Feb 2024 12:01:26 GMT
Location
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/#/affiliates/sports/football/bet-10-get-40?&siteid=109112&referrer=&click=1013785900
Server
nginx
ious-Eye-grack-Tis-do-tempret-beene-what-withis-
www.betfred.com/
228 KB
72 KB
Script
General
Full URL
https://www.betfred.com/ious-Eye-grack-Tis-do-tempret-beene-what-withis-
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2d10439ec209160b618b912bf78eb0820e33ef410afbc0246fa5f983610a14c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:26 GMT
content-encoding
gzip
x-cdn
Imperva
etag
"425c8ef3"
content-type
text/javascript
x-iinfo
9-50115059-0 0CNN RT(1708948886406 53) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
73830
_Incapsula_Resource
www.betfred.com/ Frame 1DE5
8 KB
2 KB
Document
General
Full URL
https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=8-37929663-0%200NNN%20RT%281708948886194%2054%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=259001490267812080-211854875414439240&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0ec82a4761ae8755e2a233a5695afcc8b0a6db19cae16a7c003d64504de198bf

Request headers

Referer
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
2206
content-type
text/html
x-robots-tag
noindex
css2
fonts.googleapis.com/ Frame 1DE5
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@500&family=Poppins:wght@700&display=swap
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=8-37929663-0%200NNN%20RT%281708948886194%2054%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=259001490267812080-211854875414439240&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b019ece8843e7df34c340501cfe589cff54e35b281ba097704c2d8bf2cf7bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 12:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 26 Feb 2024 12:01:27 GMT
logo-betfred.svg
content.betfred.com/landingpages/geo-block/images/ Frame 1DE5
4 KB
4 KB
Image
General
Full URL
https://content.betfred.com/landingpages/geo-block/images/logo-betfred.svg
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=8-37929663-0%200NNN%20RT%281708948886194%2054%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=259001490267812080-211854875414439240&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.134.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-134-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
347bf30aa035fdf5da57d813cbfa97bd494d9c7ba44cbe99f01320264a324bb6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:27 GMT
last-modified
Thu, 27 Apr 2023 11:38:13 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"644a5ea5-1081"
content-length
4225
content-type
image/svg+xml
target-red.png
content.betfred.com/landingpages/geo-block/images/ Frame 1DE5
2 KB
2 KB
Image
General
Full URL
https://content.betfred.com/landingpages/geo-block/images/target-red.png
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=8-37929663-0%200NNN%20RT%281708948886194%2054%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=259001490267812080-211854875414439240&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.134.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-134-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
bda63c34ab0a3bb4645d43ad1f75d73cea8176c8f4a6923d9b25458a9038c216

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Mon, 26 Feb 2024 12:01:27 GMT
via
1.1 varnish
last-modified
Thu, 27 Apr 2023 11:38:14 GMT
server
nginx/1.18.0
age
0
etag
"644a5ea6-815"
x-varnish
660086698
content-type
image/png
accept-ranges
bytes, bytes
content-length
2069
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 1DE5
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@500&family=Poppins:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betfred.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Wed, 21 Feb 2024 03:51:59 GMT
x-content-type-options
nosniff
age
461368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 03:51:59 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/ Frame 1DE5
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@500&family=Poppins:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eebf14aba456b89b7e899584e076588a92e422a45b37fb5fa36ce17519a3e8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betfred.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344

Response headers

date
Wed, 21 Feb 2024 07:49:52 GMT
x-content-type-options
nosniff
age
447095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22760
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:49:52 GMT
ious-Eye-grack-Tis-do-tempret-beene-what-withis-
www.betfred.com/
735 B
860 B
Fetch
General
Full URL
https://www.betfred.com/ious-Eye-grack-Tis-do-tempret-beene-what-withis-?d=www.betfred.com
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/ious-Eye-grack-Tis-do-tempret-beene-what-withis-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
987b0883f90ca4ee96d040fe5fe6a7cd39b548b5a38889c103af2cf32b8f3a18

Request headers

Accept
application/json; charset=utf-8
Referer
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36 OPR/73.0.3856.344
Content-Type
text/plain; charset=utf-8

Response headers

date
Mon, 26 Feb 2024 12:01:27 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
9-50115059-50115152 NNYN CT(21 16 0) RT(1708948886406 451) q(0 0 0 -1) r(1 1) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=27.142942

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| a1_0x4538
object| reese84
function| a1_0x1ea1
function| reese84interrogator
function| initializeProtection
function| protectionSubmitCaptcha

19 Cookies

Domain/Path Name / Value
thecoolposts.com/ Name: OAID
Value: c1c188677109b9e938e76faaaf664949
thecoolposts.com/ Name: oaidts
Value: 1708948884
thecoolposts.com/ Name: prefetchAd_5154505
Value: true
my.rtmark.net/ Name: ID
Value: 705e4b20a29a4494ba1e15bd1a3d0746
thecoolposts.com/ Name: syncedCookie
Value: true
thecoolposts.com/ Name: reverse
Value: judgMjNVqQxt0hzLo9bzd_T3ktI9jpatMuJrR8vpnVI
ak.ocoaksib.com/ Name: oaidts
Value: 1708948885
ak.ocoaksib.com/ Name: syncedCookie
Value: true
ak.ocoaksib.com/ Name: OAID
Value: 705e4b20a29a4494ba1e15bd1a3d0746
.track.joyful-u.vip/ Name: e90c5688-f303-43ee-8f72-7debe5243745-v4
Value: cjEA9RJdCax60AVD3Sx3CgXc-T2iYnhRKcoIhgE_PWo
.track.joyful-u.vip/ Name: cc-v4
Value: %2FwKOX9aAhVWGcG%2BCIR1SgTnfNT5IDeCeYWZYNGWH8CKwdT4SV8bTMdtcvQJJvH8OpHioHCDo1X9dkpmGphv9nOgsWz8ev6oZ%2FLL17Mo8Lsv3B4De7RnjDQrK78kAH4aCWgpvBk7zKpCYa1XyarLuzw%3D%3D
bfpartners.click/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVZL2hWR04zREpVU29WL0FvdGJGdlE9PSIsInZhbHVlIjoiOTNhMFhudDU1bTVSZ3ZOR21iWmFVb1c2aXAvWmE5RnZNdWRqZGVxb1dxUjIwajgxSFdMUm9kcWUxRnNQczlLUGdzVlNRMkVZcmlCVDlIa3lMS2xMRHZRMGg3TTlncUNuMUpHMktQOUFvejNLMW8wLzEwVmlCZ1VrbjlVSW9TSjciLCJtYWMiOiI1MGQxMTg5ZGJjODNhZjVlMjMxMWVlNjIwNDM1YzgyNGIxOThkMTJjZGIxYWE2NGQ3ZjdmYWRhZDBjYWYzYzZhIiwidGFnIjoiIn0%3D
bfpartners.click/ Name: awa_app_session
Value: eyJpdiI6IjBEVENhSWxzZ3l6bVBIYWNIWTIrUGc9PSIsInZhbHVlIjoiSjhaSUpaMXU2L3ErdkRqVVc2TjJwQ3Q1Yyt0dXM2WE9KN0NjMkdMYzRzd1VPb2hKS0JmZXpWSTRENEtWOWgwQ0Q5WGw4SUF0cWUvbWhMaEJrTVg0YlVZa1IyQmZvV3BuSVJXVlQxb3BQcVJsbENmMTFpNGJqc2dqNklnZGMvc24iLCJtYWMiOiI1YzA5MjNhNjE3NWQ2MzM4NDAyMzBhM2E3ZjEwNWY1MDA0NzEyNTIzNzQzOWY2ZDg1YzA4NmM3Y2Y0OWIyMDAxIiwidGFnIjoiIn0%3D
bfpartners.click/ Name: campaign_17_lp_57_aff_101783
Value: eyJpdiI6InRNY1IyVy9RVFBXdVBScGNDYVNoWWc9PSIsInZhbHVlIjoiTnppLzNTRjIyRmtodVdaUEpZemwyZjdqNGc5K2RVR3hBOUVLbXZpQmEzZk1XWU4wV3pZUEFDdks4djFzaGtMRVRXcW5nNk9kVzVWc0JIL2hsYmhSRFE9PSIsIm1hYyI6Ijk3NmUwZDY5ZTc0ZTE3M2RlNWQ0ZmZkNDczNDU1ZTllZWQ5ZmQyNTAxN2ExZjU0Mjg1MTg4ZTNiOTgyNTBiMzAiLCJ0YWciOiIifQ%3D%3D
bfpartners.click/ Name: campaign_8
Value: eyJpdiI6ImxJS3RtTnp4eE1zTHVjYi90TzlodXc9PSIsInZhbHVlIjoiU0JuMS9HL1F2Nkp5bGRtOHVydkxYUXExSzNmUTVNSzFiajlsQndvRHZRdWhnOCtBdEtRTXBjOFRtUlUrc1RseWVmUXVQdzhuL2J5UysyTU1yUXd6MGM3R1lKNVZ4ZFB1UGNIOFIrZG03MDh3TDduUlA0akdBeU81NmxFOEVYV0lKYnoxODZFc2pmWUNEdmhLNkFrUUFRPT0iLCJtYWMiOiI1N2MzYzFjZGE1MTAyMmI0MmU5NTJiMzlmOGI0ZmE5MmVhNDk2Zjc3Nzg4MGEwNjc2YjIwMmNjMWU0MjA1ZTZkIiwidGFnIjoiIn0%3D
.betfred.com/ Name: visid_incap_2254385
Value: DcQrCWFKQ3mYkgNFLXNyDpZ93GUAAAAAQUIPAAAAAADNztZ9S5w27024s/Yb1Lh9
.betfred.com/ Name: incap_ses_259_2254385
Value: R75gL4/BUFrwsLWveyiYA5Z93GUAAAAAMnsgcKzLlepQzOVikShtdw==
.betfred.com/ Name: nlbi_2254385_2147483392
Value: FPl9T5Wlb3JEn2QVETEFhQAAAAASnxOt7uoSMFbADjvjlgxv
.www.betfred.com/ Name: reese84
Value: 3:/pIMGsLNNpamNdVfKORicg==: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:nEq66h13RDtNJJghGHRCOikSiVe4JzFPMaFQinteods=

7 Console Messages

Source Level URL
Text
other warning URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thecoolposts.com/?l=XKmG8ooqkNkREHl&s=378562555951460825&z=3520015&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.ocoaksib.com/4/6118780/?var=5154505&btz=&bto=&oaid=c1c188677109b9e938e76faaaf664949
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109112b_c_d_1013785900&target=https://promotions.betfred.com/#/affiliates/sports/football/bet-10-get-40?&siteid=109112&referrer=&click=1013785900
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
