betfirst.dhnet.be Open in urlscan Pro
107.154.132.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orgmod.org/
Effective URL:
https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Submission: On March 15 via api (March 15th 2020, 9:06:44 pm UTC) from DE

Summary HTTP 145 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 28 domains to perform 145 HTTP transactions. The main IP is 107.154.132.78, located in United States and belongs to INCAPSULA, US. The main domain is betfirst.dhnet.be.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 20th 2019. Valid for: 2 years.

This is the only time betfirst.dhnet.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.242 103.224.182.242	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 4	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	116.202.81.140 116.202.81.140	24940 (HETZNER-AS) (HETZNER-AS)
1 2	173.236.118.102 173.236.118.102	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	205.147.93.131 205.147.93.131	393676 (ZENEDGE) (ZENEDGE)
1 2	54.236.172.182 54.236.172.182	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.123.79.50 3.123.79.50	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3030::681f:49a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::6818:61a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	109.169.22.158 109.169.22.158	20860 (IOMART-AS) (IOMART-AS)
22	107.154.132.78 107.154.132.78	19551 (INCAPSULA) (INCAPSULA)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 3	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
17	35.186.198.29 35.186.198.29	15169 (GOOGLE) (GOOGLE)
46	212.166.46.200 212.166.46.200	9208 (WIN) (WIN)
19	35.190.84.112 35.190.84.112	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::681c:606	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::6819:5c6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.169.22.152 109.169.22.152	20860 (IOMART-AS) (IOMART-AS)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
2	35.227.205.204 35.227.205.204	15169 (GOOGLE) (GOOGLE)
1 2	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE)
1 4	2.19.46.25 2.19.46.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.19.37.69 2.19.37.69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
1	82.199.68.72 82.199.68.72	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
145	30

1 103.224.182.242 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com

orgmod.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

bidr.trellian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.81.140 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.140.81.202.116.clients.your-server.de

secure.clicktrkservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.click2partner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.236.118.102 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

click.affordableshape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.147.93.131 (United States)

ASN393676 (ZENEDGE, US)

yltenim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.172.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-172-182.compute-1.amazonaws.com

tryd.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.79.50 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-79-50.eu-central-1.compute.amazonaws.com

appdatum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::681f:49a2 (United States)

ASN13335 (CLOUDFLARENET, US)

gaming001.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6818:61a7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

liveads.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.169.22.158 (United Kingdom) 1 redirects

ASN20860 (IOMART-AS, GB)

banners.livepartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 107.154.132.78 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.78.ip.incapdns.net

betfirst.dhnet.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.186.198.29 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 29.198.186.35.bc.googleusercontent.com

cdn.sbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 212.166.46.200 (Liège, Belgium)

ASN9208 (WIN, BE)
PTR: 212-166-46-200.win.be

bfscripts.dhnet.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 35.190.84.112 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 112.84.190.35.bc.googleusercontent.com

sbapi.sbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681c:606 (United States)

ASN13335 (CLOUDFLARENET, US)

betfirstcasino.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::6819:5c6e (United States)

ASN13335 (CLOUDFLARENET, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.169.22.152 (United Kingdom)

ASN20860 (IOMART-AS, GB)

www.betfirst.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.205.204 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 204.205.227.35.bc.googleusercontent.com

pushserver-uk.sbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f6.1e100.net

6337700.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.46.25 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-46-25.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.37.69 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-37-69.deploy.static.akamaitechnologies.com

ssl.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.72 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	dhnet.be betfirst.dhnet.be bfscripts.dhnet.be	1 MB
38	sbtech.com cdn.sbtech.com sbapi.sbtech.com pushserver-uk.sbtech.com	653 KB
5	serving-sys.com 1 redirects secure-ds.serving-sys.com bs.serving-sys.com	16 KB
4	trellian.com 1 redirects bidr.trellian.com	3 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net 6337700.fls.doubleclick.net	918 B
3	clickcease.com www.clickcease.com	9 KB
3	bing.com bat.bing.com	8 KB
3	google-analytics.com 1 redirects www.google-analytics.com	36 KB
2	turn.com r.turn.com d.turn.com	15 KB
2	facebook.com 1 redirects www.facebook.com	578 B
2	facebook.net connect.facebook.net	143 KB
2	gaming001.site gaming001.site	844 B
2	tryd.pro 1 redirects tryd.pro	788 B
2	affordableshape.com 1 redirects click.affordableshape.com	2 KB
1	atdmt.com cx.atdmt.com	433 B
1	connextra.com ssl.connextra.com
1	cloudflare.com cdnjs.cloudflare.com	10 KB
1	betfirst.be www.betfirst.be	46 B
1	betfirstcasino.be betfirstcasino.be	960 B
1	googletagmanager.com www.googletagmanager.com	41 KB
1	jquery.com code.jquery.com	30 KB
1	livepartners.com 1 redirects banners.livepartners.com	370 B
1	liveads.online 1 redirects liveads.online	386 B
1	appdatum.com 1 redirects appdatum.com	5 KB
1	yltenim.com yltenim.com	3 KB
1	click2partner.com secure.click2partner.com	293 B
1	clicktrkservices.com 1 redirects secure.clicktrkservices.com	312 B
1	orgmod.org 1 redirects orgmod.org	1 KB
145	28

	Domain	Requested by
46	bfscripts.dhnet.be	betfirst.dhnet.be code.jquery.com bfscripts.dhnet.be
22	betfirst.dhnet.be	gaming001.site betfirst.dhnet.be cdn.sbtech.com code.jquery.com bfscripts.dhnet.be
19	sbapi.sbtech.com	cdn.sbtech.com code.jquery.com betfirst.dhnet.be
17	cdn.sbtech.com	betfirst.dhnet.be
4	secure-ds.serving-sys.com	1 redirects www.googletagmanager.com
4	bidr.trellian.com	1 redirects bidr.trellian.com
3	www.clickcease.com	bidr.trellian.com www.clickcease.com
3	bat.bing.com	bidr.trellian.com betfirst.dhnet.be
3	www.google-analytics.com	1 redirects betfirst.dhnet.be www.googletagmanager.com
2	6337700.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	pushserver-uk.sbtech.com	cdn.sbtech.com
2	www.facebook.com	1 redirects betfirst.dhnet.be
2	connect.facebook.net	bidr.trellian.com connect.facebook.net
2	gaming001.site	tryd.pro gaming001.site
2	tryd.pro	1 redirects
2	click.affordableshape.com	1 redirects
1	cx.atdmt.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	d.turn.com	bidr.trellian.com
1	ssl.connextra.com	www.googletagmanager.com
1	r.turn.com	betfirst.dhnet.be
1	cdnjs.cloudflare.com	www.clickcease.com
1	stats.g.doubleclick.net	betfirst.dhnet.be
1	www.betfirst.be	betfirst.dhnet.be
1	betfirstcasino.be	code.jquery.com
1	www.googletagmanager.com	bfscripts.dhnet.be
1	code.jquery.com	betfirst.dhnet.be
1	banners.livepartners.com	1 redirects
1	liveads.online	1 redirects
1	appdatum.com	1 redirects
1	yltenim.com	click.affordableshape.com
1	secure.click2partner.com	bidr.trellian.com
1	secure.clicktrkservices.com	1 redirects
1	orgmod.org	1 redirects
145	34

This site contains no links.

Subject Issuer	Validity	Valid
secure.click2partner.com Let's Encrypt Authority X3	`2020-02-08` - `2020-05-08`	3 months	crt.sh
click.affordableshape.com Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
yltenim.com Let's Encrypt Authority X3	`2020-02-21` - `2020-05-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-09` - `2020-10-09`	10 months	crt.sh
betfirst.dhnet.be Go Daddy Secure Certificate Authority - G2	`2019-12-20` - `2021-12-20`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.sbtech.com Go Daddy Secure Certificate Authority - G2	`2017-12-05` - `2020-12-05`	3 years	crt.sh
*.dhnet.be Go Daddy Secure Certificate Authority - G2	`2017-11-23` - `2020-11-23`	3 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
ssl375664.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-03` - `2020-08-11`	6 months	crt.sh
*.betfirst.be Go Daddy Secure Certificate Authority - G2	`2018-03-27` - `2020-03-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-03-31`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.connextra.com DigiCert SHA2 Secure Server CA	`2019-04-15` - `2020-07-14`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Frame ID: E706935D8EC8D8BD0DAC34E64E69C8E4
Requests: 128 HTTP requests in this frame

Frame: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Frame ID: 61325C6D07C0D019A5338FE02B2033C8
Requests: 6 HTTP requests in this frame

Frame: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
Frame ID: A7D277E2FC56ABCEE2B66C9FA67178DC
Requests: 9 HTTP requests in this frame

Frame: https://6337700.fls.doubleclick.net/activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763
Frame ID: D3AC5753A1F1C2C04E4CC7CC4809137C
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/universalTag?client=NetBet&id=177947&page=sports_be_homepage
Frame ID: 04172C7F10C3D3AA7331784764AE65B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://orgmod.org/ HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEb... Page URL
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzic... HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=985789300&sid=20200316080... HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campai... Page URL
https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2... Page URL
https://click.affordableshape.com/proc.php?565e19e50e1fdd415982e4f6fd87633ff646c84b HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_... Page URL
http://tryd.pro/go/216668/456926 Page URL
http://tryd.pro/ad/ad?p=216668&w=456926&t=7efd254a201428f4&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmN... HTTP 303
https://appdatum.com/path/lp.php?trvid=15827&trvx=259b915f&var1=48cDSK_456926&var2=Entertainment HTTP 302
https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmV... Page URL
https://liveads.online/tracking/blander.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3F... HTTP 302
https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3F... Page URL
https://banners.livepartners.com/click.php?z=102319&siteid=frshp_ HTTP 302
https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763 Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

145
Requests

94 %
HTTPS

39 %
IPv6

28
Domains

34
Subdomains

30
IPs

8
Countries

2329 kB
Transfer

8279 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orgmod.org/ HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D Page URL
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D985789300%26sid%3D202003160806269884cc9d15231f835c&s=j HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=985789300&sid=202003160806269884cc9d15231f835c HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/ Page URL
https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb Page URL
https://click.affordableshape.com/proc.php?565e19e50e1fdd415982e4f6fd87633ff646c84b HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6804544127615631620&ext1=240 Page URL
http://tryd.pro/go/216668/456926 Page URL
http://tryd.pro/ad/ad?p=216668&w=456926&t=7efd254a201428f4&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
https://appdatum.com/path/lp.php?trvid=15827&trvx=259b915f&var1=48cDSK_456926&var2=Entertainment HTTP 302
https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&siteid=frshp_%7C%7C3up9vm32smuq%7C%7C48cDSK_456926%7C%7C15827%7C%7CEntertainment%7C%7C%7C%7C%7C%7C%7C%7CPCS%7C%7C%7BofferID%7D%7C%7C0%7C%7Cdesktop%7C%7C%7C%7C%7C%7C%7C%7CMac%7C%7C10.14%7C%7CChrome%7C%7CM247+Ltd%7C%7CBelgium%7C%7C185.210.217.121%7C%7C--%7Ctpthtryd.pro%2Fgo%2F216668%2F456926%7C%7C%7C%7CBrussels%7C%7CBrussels+Capital Page URL
https://liveads.online/tracking/blander.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_ HTTP 302
https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_ Page URL
https://banners.livepartners.com/click.php?z=102319&siteid=frshp_ HTTP 302
https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://orgmod.org/ HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D

Request Chain 3

http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D985789300%26sid%3D202003160806269884cc9d15231f835c&s=j HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=985789300&sid=202003160806269884cc9d15231f835c HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/

Request Chain 5

https://click.affordableshape.com/proc.php?565e19e50e1fdd415982e4f6fd87633ff646c84b HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6804544127615631620&ext1=240

Request Chain 7

http://tryd.pro/ad/ad?p=216668&w=456926&t=7efd254a201428f4&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
https://appdatum.com/path/lp.php?trvid=15827&trvx=259b915f&var1=48cDSK_456926&var2=Entertainment HTTP 302
https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&siteid=frshp_%7C%7C3up9vm32smuq%7C%7C48cDSK_456926%7C%7C15827%7C%7CEntertainment%7C%7C%7C%7C%7C%7C%7C%7CPCS%7C%7C%7BofferID%7D%7C%7C0%7C%7Cdesktop%7C%7C%7C%7C%7C%7C%7C%7CMac%7C%7C10.14%7C%7CChrome%7C%7CM247+Ltd%7C%7CBelgium%7C%7C185.210.217.121%7C%7C--%7Ctpthtryd.pro%2Fgo%2F216668%2F456926%7C%7C%7C%7CBrussels%7C%7CBrussels+Capital

Request Chain 8

https://liveads.online/tracking/blander.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_ HTTP 302
https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_

Request Chain 95

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1411679744&t=pageview&_s=1&dl=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&dr=https%3A%2F%2Fgaming001.site%2F&ul=en-us&de=UTF-8&dt=Paris%20Sportifs%20%7C%20Paris%20en%20Ligne%20%7C%20betFIRST&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1648193712&gjid=1985947264&cid=986037015.1584306393&tid=UA-26276393-5&_gid=1859005204.1584306393&_r=1&gtm=2wg340TXLHKF&z=1502231125 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26276393-5&cid=986037015.1584306393&jid=1648193712&_gid=1859005204.1584306393&gjid=1985947264&_v=j81&z=1502231125

Request Chain 129

https://6337700.fls.doubleclick.net/activityi;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763 HTTP 302
https://6337700.fls.doubleclick.net/activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763

Request Chain 136

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/4/2284 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Request Chain 141

https://www.facebook.com/tr/?id=1542674242665587&ev=Microdata&dl=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&rl=https%3A%2F%2Fgaming001.site%2F&if=false&ts=1584306394745&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paris%20Sportifs%20%7C%20Paris%20en%20Ligne%20%7C%20betFIRST%22%2C%22meta%3Adescription%22%3A%22Parie%20sur%20betFIRST%2C%20le%20premier%20site%20de%20paris%20sportifs%20en%20Belgique.%20Profite%20des%20meilleures%20cotes%20du%20march%C3%A9%20sur%20tous%20tes%20sports%20favoris%20!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1584306393242.898662433&it=1584306393141&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=17111716902733934351&f=AYx2ZkWPrUDp8VbgR3gc2R2FKh9o2CRNz4cexNlW-AxTg1WE5MnZiU2QRv985knX_uoP-LWrdG5k1lLhZP1ftQsT&id=1542674242665587&l=3&v=0

145 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set r2.php Show response
bidr.trellian.com/
Redirect Chain

http://orgmod.org/
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2Fu...

2 KB
2 KB

459ms
299ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 98b806399db5a2a8d101354dec2fea66fa2a097e0eb34c5974f3d9b232536797

Request headers

Host: bidr.trellian.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Mar 2020 21:06:27 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __dsnsid=202003160806269884cc9d15231f835c; expires=Mon, 15-Mar-2021 21:06:27 GMT; Max-Age=31536000; path=/; domain=bidr.trellian.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1237
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 15 Mar 2020 21:06:26 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __tad=1584306386.3693271; expires=Wed, 13-Mar-2030 21:06:26 GMT; Max-Age=315360000
Location: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jscheck.js Show response
bidr.trellian.com/javascript/ 858 B
701 B 309ms
296ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://bidr.trellian.com/javascript/jscheck.js
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 0766f527fcf931c99f93825401ea5d39f6cfe63b56bfd1050f9d1689a8266ab4

Request headers

Referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Mar 2020 21:06:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 05:31:22 GMT
Server: Apache/2.4.25 (Debian)
ETag: "35a-57ce09ffa182b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 388

GET
H/1.1 200
OK jscheck.php
bidr.trellian.com/ 0
166 B 320ms
304ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://bidr.trellian.com/jscheck.php?enc=cF8L0S4UvzZFbF2sJTBoT4o22q0vBaP96S41bNumwUbwDPq5d09wTYqQOhljKvZRLSDBjzKZZMvQv6yql2k655104BABqhzW4TO9y8A4O1BFYEWQFK89%2BRKXiTg9RRFQJXEV0hJ%2FUdag%2BHXzPW695HRHQQE9zs0alaOG%2BA1zvjGJ1PYUoTbNEDr3wpokpcr5rLz%2FIoSck88S%2FCm0ymqpkSeE4CtdBvsNZr5WNnlhucHbAmztAnbu9yFqnXUv00zCZOV9ncDO2u4I1IlsAbe8yCm%2FfVOGZPfbxDyOjd%2F4bL99EkiXHUCJgqrxgLHHH29MA7VaQoRM9%2FzUAnlnWSphWiKbI0FN7dma8gqmzqsADtXalTf9i24bLK%2BlraIwdYrm3s6AReWSQ99u%2BhpYx55R8EU7ODjrjjBt%2FjrOeeiNFWUogTKFGm%2BOm7UW148CCjCKS0mrgowIJHEd1z0%2B0s6VrKUl6gRVk%2B%2Fa0z%2BLdfPzxAU0JOMO0UX3KYW0IHtNReSh2kCx71BwOz0RMc05pGvJLEZNCxZRsRP0oX%2FhVn6ggGNONTwoLQFvoSoFE6alZPr2xP0laizuC1OeG0xUad8swMMTE7bcNf46mx%2Blw%2BOO0S2oPBOA4u12%2BQIEqHP8V0PyyKqLoW%2Fp91rJB2%2FOQwp%2FkvijeKrZ6Gsjul9BLXCshkRuLHW6%2BqtT9RSivAUgTqmTbdOb9GLN0K5OLgmufHkAFavIvyoESIs5v%2Fl2W%2FQ0DFVFGlrWzeQvq17jA5GHpVfOL2K4gFBuSDaNuWJ9D46Bp1KEMekXV4sf99QQO0Ng2WhsM1klvCw%2BmgZUV%2FPtFV1GAJJulaRjaQP29FyEC6FvZirU5Ek7FMvfwTarNe6x%2FxjSOM83dfxub11aAlITBZEQDZIO4ZDmIb1h7tByq6MI2owCKsI217OyJ91TDBL2Gs0PHVo2nE6I%2BVeq%2BxW7sAim&rand=0.3632195601430197
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Mar 2020 21:06:28 GMT
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

index.php Show response
secure.click2partner.com/nlp/
Redirect Chain

http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D985789300%26sid%3D202003160806269884cc9d15231f835c&s=j
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=985789300&sid=202003160806269884cc9d15231f835c
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/

176 B
293 B

104ms
27ms

Document
text/html

116.202.81.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/

Requested by

Host: bidr.trellian.com
URL: http://bidr.trellian.com/javascript/jscheck.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

116.202.81.140 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.140.81.202.116.clients.your-server.de

Software

nginx/1.16.1 /

Resource Hash

277ab168f5c9d586702ef3afe5280f959c1ec13622ba47ced9b2fcfed327a558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: secure.click2partner.com
:scheme: https
:path: /nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 15 Mar 2020 21:06:28 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-encoding: gzip

Redirect headers

status: 302
server: nginx/1.16.1
date: Sun, 15 Mar 2020 21:06:28 GMT
content-type: text/html; charset=UTF-8
location: https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/
set-cookie: uclick=ghhqu3fy; expires=Mon, 16-Mar-2020 21:06:28 GMT; Max-Age=86400; path=/
strict-transport-security: max-age=31536000

GET
H2 200 / Show response
click.affordableshape.com/ 5 KB
2 KB 404ms
132ms Document
text/html 173.236.118.102
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.236.118.102 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

f03c20fd2a6ca60fdd84f4e8d92b66ec556b393b714a190d270a977a17cfeb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: click.affordableshape.com
:scheme: https
:path: /?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb&url_bnm_redirect=https://click.affordableshape.com/

Response headers

status: 200
server: nginx
date: Sun, 15 Mar 2020 21:06:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=dedd6b15de5dd847163adb9c0ce04781; expires=Mon, 15-Mar-2021 21:06:29 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m Show response
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain

https://click.affordableshape.com/proc.php?565e19e50e1fdd415982e4f6fd87633ff646c84b
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6804544127615631620&ext1=240

4 KB
3 KB

350ms
301ms

Document
text/html

205.147.93.131
ZENEDGE

General

Check archive.org

Show headers Download Go to

Full URL

https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6804544127615631620&ext1=240

Requested by

Host: click.affordableshape.com
URL: https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

f89a502125886d7f76fe243c68cf7d2e4ef996a6e06a9023e82ae174dea77b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: yltenim.com
:scheme: https
:path: /nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6804544127615631620&ext1=240
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=6cc9eghhqu3fybeb#

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sun, 15 Mar 2020 21:06:29 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=c2608e3cfa59b631499099ec78273000_1584306389.5999; domain=yltenim.com; path=/; expires=Wed, 13-Mar-2030 21:06:29 UTC; Secure b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1584306389.6033; domain=yltenim.com; path=/; expires=Wed, 13-Mar-2030 21:06:29 UTC; Secure vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3YnRNeGR5dXJNS1pnYmRXYkxVS3ErNy9ZZ0ZHOTlPZTkxMXZpanJLUW1PcQ%3D%3D; domain=yltenim.com; path=/; expires=Wed, 13-Mar-2030 21:06:29 UTC; Secure c2608e3cfa59b631499099ec78273000_1584306389.5999_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkZlNk9hMW5XYTVWUit0bWJSTDBxNUwydXQ1MHA4L004UnVDaE5kbXdPUmJlY1BIQi9kbjUyNlNwRk9yOW0veHNqVmRDY0xMTGpGaTR3YmlmNWVuUGZIdlVKeXF0MVY3WUJoVmxHam42akRTdFZDa3QyK2VYMEcvc2VwTlBxZ2xSbEZPN2F3eFIxVjljT0ZqRTdsQzJkcG91TDJvbGtNb3BtNjhwK0RjNWZDblpVdkJDRHVKcEZmenI4ckZzdjdQNXEwMnVEcU5wbS9YNDNzeG5sVmZpTjdnQ1dRNGNsWUhyWkczNHFJUnphWWhuSkExR3QvRE5NOXZGN1B2S3VyZDFTRGR6ZUNZcjUrSmJpSFJYcWRUd3d6Z1cyRVdqT2NRVnpzcS9BMjRCMmJIYnRtNWoyYWNzckRWallQY1IvdTR3QWdLcEEvc3dVL2dMTVVua1JvSGUrSHRtdjYraGpaR2drck95dzJZRFhLMyszREhMQUUrOFdHOCt4Z2k0aUFzMGdtdTBZa0x2Uy9PKzF6Tk5McmgvdDdtMWRVcVpaSFhFbThuNWVEaHpjOG5IWkhhYU1jeGxrbVZ1bWtkWGFxeUI1TmcwRG1NRmt6MFI0a3M2aGZySSt6MkVjMFVscDdibHg5R01VVDFzclBBYStxODFSdzV6UXgwdzdqekk4UFVGYnJ6VHZmK3JSOHJCNWdGeHozMTl2YlBoQnFDZlA4c3EySlVIWVRNMndISjBDWmYrd1Q1N2hPU2prTVczQkd1UG5tQ3hrQ3daVjVNTUlza09xVGRJMk50bmdNcXR4TU1qZjBRQlowNFJmVEIzMWw1MU5mV2pRSWtOYXNoZTRPU1VCMng5MnNXdk9UaHVYb2F5d0xXUWFhSm1kN2VlNGVVT2RsR05MUWgrRUY0UFFZUVpUdTdoT1F2WlM3MmhZSFBDZzkzRDk2UWJFa3BJbFdKNW5RakFHdk80T3NROVpoV3IyREJpanphL2F5cDZKeUVabUY5cFpHMUpyT1Nsei9qOUdRcWtyTjdzVHVCZmx4b0VhVm5LaWZuY3hFSWphSURBTmxTeWsxT2RKRTdyaFMxYnh1a0cvVnZPZERzQXNvb1ZkSUNKSE1HQ2NqK0N0NWlSSUZCQXlKN2ppdzBROVBzYVNTdlVFK0NGMjJDTGlqUVpuUzNlMXRsRURQRk95VEVjZ2NXZVFCOEV3bkJiWVNsdHNKWFJ5QUlhanp4UUU1Ylk4RHNoTndwdk5MTw%3D%3D; domain=yltenim.com; path=/; expires=Wed, 13-Mar-2030 21:06:29 UTC; Secure f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=UGNadlZiSDhxNVpSMStIMGhFZGJhdUJob0I2SENIZTI2ME4wcnk5Q2VGbXhOQkJLWW9ORTk2UmFEZ2tueFdZYWpiUkhFeU83S3VuZ0QxWWMzSnplYWpmVW4zRDdtTVpQK3V2M1AwbExrUFU9; domain=yltenim.com; path=/; expires=Sun, 15-Mar-2020 22:11:29 UTC; Secure SERVERID=sfc14; path=/
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sun, 15 Mar 2020 21:06:29 GMT
content-type: text/html; charset=UTF-8
location: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6804544127615631620&ext1=240
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H/1.1 200
OK 456926 Show response
tryd.pro/go/216668/ 466 B
517 B 258ms
203ms Document
text/html 54.236.172.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://tryd.pro/go/216668/456926
Protocol: HTTP/1.1
Server: 54.236.172.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-172-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 64f34524369807147b5a9d991fac1e49dc756f01480eb80c00944513700952e4

Request headers

Host: tryd.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://yltenim.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://yltenim.com/

Response headers

Date: Sun, 15 Mar 2020 21:06:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

converto_track.php Show response
gaming001.site/tracking/
Redirect Chain

http://tryd.pro/ad/ad?p=216668&w=456926&t=7efd254a201428f4&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200
https://appdatum.com/path/lp.php?trvid=15827&trvx=259b915f&var1=48cDSK_456926&var2=Entertainment
https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&sitei...

415 B
530 B

360ms
326ms

Document
text/html

2606:4700:3030::681f:49a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&siteid=frshp_%7C%7C3up9vm32smuq%7C%7C48cDSK_456926%7C%7C15827%7C%7CEntertainment%7C%7C%7C%7C%7C%7C%7C%7CPCS%7C%7C%7BofferID%7D%7C%7C0%7C%7Cdesktop%7C%7C%7C%7C%7C%7C%7C%7CMac%7C%7C10.14%7C%7CChrome%7C%7CM247+Ltd%7C%7CBelgium%7C%7C185.210.217.121%7C%7C--%7Ctpthtryd.pro%2Fgo%2F216668%2F456926%7C%7C%7C%7CBrussels%7C%7CBrussels+Capital
Requested by: Host: tryd.pro
URL: http://tryd.pro/go/216668/456926
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681f:49a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f7ff7035b830fa1e3c70a50f3e8686e0649b3060cddd86016fab7dbbbae60a

Request headers

:method: GET
:authority: gaming001.site
:scheme: https
:path: /tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&siteid=frshp_%7C%7C3up9vm32smuq%7C%7C48cDSK_456926%7C%7C15827%7C%7CEntertainment%7C%7C%7C%7C%7C%7C%7C%7CPCS%7C%7C%7BofferID%7D%7C%7C0%7C%7Cdesktop%7C%7C%7C%7C%7C%7C%7C%7CMac%7C%7C10.14%7C%7CChrome%7C%7CM247+Ltd%7C%7CBelgium%7C%7C185.210.217.121%7C%7C--%7Ctpthtryd.pro%2Fgo%2F216668%2F456926%7C%7C%7C%7CBrussels%7C%7CBrussels+Capital
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://tryd.pro/go/216668/456926
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://tryd.pro/go/216668/456926

Response headers

status: 200
date: Sun, 15 Mar 2020 21:06:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d391a557b8613ae9e1bdd6f543166aaeb1584306390; expires=Tue, 14-Apr-20 21:06:30 GMT; path=/; domain=.gaming001.site; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 574932ddaa29c303-FRA
content-encoding: br

Redirect headers

Date: Sun, 15 Mar 2020 21:06:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: THRIVE_SESS=plkourmdtbkl7t75r5h4c2q3p2; expires=Mon, 16-Mar-2020 21:06:30 GMT; Max-Age=86400; path=/; domain=.appdatum.com ClickId=3up9vm32smuq;expires=Tue, 14 Apr 2020 21:06:30 GMT; path=/; domain=.appdatum.com; secure; samesite=None; OfferPage=https%3A%2F%2Fgaming001.site%2Ftracking%2Fconverto_track.php%3Fref%3DMQ%253D%253D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%253D.ZmFsc2U%253D%26params%3Dz%253D102319%26siteid%3Dfrshp_%257C%257C3up9vm32smuq%257C%257C48cDSK_456926%257C%257C15827%257C%257CEntertainment%257C%257C%257C%257C%257C%257C%257C%257CPCS%257C%257C%257BofferID%257D%257C%257C0%257C%257Cdesktop%257C%257C%257C%257C%257C%257C%257C%257CMac%257C%257C10.14%257C%257CChrome%257C%257CM247%2BLtd%257C%257CBelgium%257C%257C185.210.217.121%257C%257C--%257Ctpthtryd.pro%252Fgo%252F216668%252F456926%257C%257C%257C%257CBrussels%257C%257CBrussels%2BCapital;expires=Tue, 14 Apr 2020 21:06:30 GMT; path=/; domain=.appdatum.com; secure; samesite=None; OfferID=3675;expires=Tue, 14 Apr 2020 21:06:30 GMT; path=/; domain=.appdatum.com; secure; samesite=None; clickData_3up9vm32smuq=eJx1VY1O4zgQfpUoEgi0NHWcJml6qk4L5b%2FldrcLC6hS5TpOkyOJfbYTKCvefcdx2YNDJ6XJzDcz9njmG%2Fenq5rVeeqO3KARSVsFWFXNP%2B6BS0klDO6HQxwfuIo3kjIDJMMDtyR1WtRro6Lf2oRo1vkPAhQFCRh4ljFpnIIoDrfqtSxhs1xroUaL%2FqK%2FJhXEIuR7qtBs0deS0AdAFn3K65ZJzZcd5Ilc%2FClZNp593Qkm8Hjk7BuiZ7NoukmKux9hc3978TytnkRa3Tze3V6gVXWzoZvw7xVG7R1%2BEndYNfQ0f%2FwS8GT2%2FfNm9nwcXtRXIj29EfcTv6L1FacnSZxWJ5tZgMwW99WJovgaxF1BJKnU%2BBlkH%2BHAT3ZNvkU6zqTKxXInPoLnbQ0tMhjSyfxyOQijBEcW6ipqxeNawwlJUVes1hb6%2BHw5mr%2FKh7aik514YiFkPylTD5qL%2F1thRuh2a%2BT5Ayse5ZJXbGvHg%2FjTVKdWO2TlumiqbcQw9DCEYT%2F2fOxbsNeDlxY613KTekLyHXyyNi%2FsR1E0BOHteberykYpVqr32qcjIgpNSnfLjo8cEmTDG93xjDZSsppugD%2FX84nhKDDEHWWkVMwqNhxcgTK1Ok8VuIKfZG2HtgX0jEt39NMtBJj%2BczjwJGtoxFyDizvjz0VZkkU%2F9JCzByUsas1V%2FodzDk0rHQCcv%2BbOreOjpT9YhvvOZyFK9oOtLgsNQUHsBZGzd3n2fTY9cMrigTmnjD7wfcdWftGPBx7yghgnnh8lzpxkRBavgW43VesG8oFUWG10TklptV6jAGAtKaesZTBPMKB6I4xxywRTT3N4yBJEGCNV8Nqc2BAAkJXkj4qZY9psOgjG2Nar4qlZ1YgpawvKrkjFrF4oUzhDGAcIY3tQM6rt8kYvtGnQa4O76q%2Bt9RVz%2Fm06hZ0CYzqedp5AgS4rcz9018Mrw%2BCigJ%2Fl16Jv6QURjSzAe9EXROeLfim6W0LLFuayG7NdkJ%2FGOExWiR9muy2R%2FvjdSBoIj9%2FNofsCxzRADSkCVShXln%2FsyYLn2zK1CL7vVjOgD%2BCH9bjOWce7lK2atRFkU7JDyciDadPeECVohHu2VPtdKdJCQl2%2FcdjbrXnNzDJ5l4pLhEiJbiqP8gp8lYI8tWyYCRNlQQlsajhu8kQ%2BDcMsIhlbJZSlq%2FRtR1jTo5ChJGXPd19efk%2FIGVG5MWcZxlFA45jSeIgoVN%2BnqwxFWZCGg8EQBXgYZsPBm3xnTOfc%2FC28%2FAJHVupq;expires=Sun, 15 Mar 2020 21:36:30 GMT; path=/; secure; samesite=None; clickData=eJx1VY1O4zgQfpUoEgi0NHWcJml6qk4L5b%2FldrcLC6hS5TpOkyOJfbYTKCvefcdx2YNDJ6XJzDcz9njmG%2Fenq5rVeeqO3KARSVsFWFXNP%2B6BS0klDO6HQxwfuIo3kjIDJMMDtyR1WtRro6Lf2oRo1vkPAhQFCRh4ljFpnIIoDrfqtSxhs1xroUaL%2FqK%2FJhXEIuR7qtBs0deS0AdAFn3K65ZJzZcd5Ilc%2FClZNp593Qkm8Hjk7BuiZ7NoukmKux9hc3978TytnkRa3Tze3V6gVXWzoZvw7xVG7R1%2BEndYNfQ0f%2FwS8GT2%2FfNm9nwcXtRXIj29EfcTv6L1FacnSZxWJ5tZgMwW99WJovgaxF1BJKnU%2BBlkH%2BHAT3ZNvkU6zqTKxXInPoLnbQ0tMhjSyfxyOQijBEcW6ipqxeNawwlJUVes1hb6%2BHw5mr%2FKh7aik514YiFkPylTD5qL%2F1thRuh2a%2BT5Ayse5ZJXbGvHg%2FjTVKdWO2TlumiqbcQw9DCEYT%2F2fOxbsNeDlxY613KTekLyHXyyNi%2FsR1E0BOHteberykYpVqr32qcjIgpNSnfLjo8cEmTDG93xjDZSsppugD%2FX84nhKDDEHWWkVMwqNhxcgTK1Ok8VuIKfZG2HtgX0jEt39NMtBJj%2BczjwJGtoxFyDizvjz0VZkkU%2F9JCzByUsas1V%2FodzDk0rHQCcv%2BbOreOjpT9YhvvOZyFK9oOtLgsNQUHsBZGzd3n2fTY9cMrigTmnjD7wfcdWftGPBx7yghgnnh8lzpxkRBavgW43VesG8oFUWG10TklptV6jAGAtKaesZTBPMKB6I4xxywRTT3N4yBJEGCNV8Nqc2BAAkJXkj4qZY9psOgjG2Nar4qlZ1YgpawvKrkjFrF4oUzhDGAcIY3tQM6rt8kYvtGnQa4O76q%2Bt9RVz%2Fm06hZ0CYzqedp5AgS4rcz9018Mrw%2BCigJ%2Fl16Jv6QURjSzAe9EXROeLfim6W0LLFuayG7NdkJ%2FGOExWiR9muy2R%2FvjdSBoIj9%2FNofsCxzRADSkCVShXln%2FsyYLn2zK1CL7vVjOgD%2BCH9bjOWce7lK2atRFkU7JDyciDadPeECVohHu2VPtdKdJCQl2%2FcdjbrXnNzDJ5l4pLhEiJbiqP8gp8lYI8tWyYCRNlQQlsajhu8kQ%2BDcMsIhlbJZSlq%2FRtR1jTo5ChJGXPd19efk%2FIGVG5MWcZxlFA45jSeIgoVN%2BnqwxFWZCGg8EQBXgYZsPBm3xnTOfc%2FC28%2FAJHVupq;expires=Tue, 14 Apr 2020 21:06:30 GMT; path=/; secure; samesite=None;
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&siteid=frshp_%7C%7C3up9vm32smuq%7C%7C48cDSK_456926%7C%7C15827%7C%7CEntertainment%7C%7C%7C%7C%7C%7C%7C%7CPCS%7C%7C%7BofferID%7D%7C%7C0%7C%7Cdesktop%7C%7C%7C%7C%7C%7C%7C%7CMac%7C%7C10.14%7C%7CChrome%7C%7CM247+Ltd%7C%7CBelgium%7C%7C185.210.217.121%7C%7C--%7Ctpthtryd.pro%2Fgo%2F216668%2F456926%7C%7C%7C%7CBrussels%7C%7CBrussels+Capital
Server: Thrive-01c55f6afeb9cedbd-eu-central-1

GET
H2

200

redirct.php Show response
gaming001.site/tracking/
Redirect Chain

https://liveads.online/tracking/blander.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_
https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_

216 B
314 B

176ms
176ms

Document
text/html

2606:4700:3030::681f:49a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_
Requested by: Host: gaming001.site
URL: https://gaming001.site/tracking/converto_track.php?ref=MQ%3D%3D.aHR0cHM6Ly9iYW5uZXJzLmxpdmVwYXJ0bmVycy5jb20vY2xpY2sucGhwP3o9MTAyMzE5JnNpdGVpZD1mcnNocF97dmFyM30%3D.ZmFsc2U%3D&params=z%3D102319&siteid=frshp_%7C%7C3up9vm32smuq%7C%7C48cDSK_456926%7C%7C15827%7C%7CEntertainment%7C%7C%7C%7C%7C%7C%7C%7CPCS%7C%7C%7BofferID%7D%7C%7C0%7C%7Cdesktop%7C%7C%7C%7C%7C%7C%7C%7CMac%7C%7C10.14%7C%7CChrome%7C%7CM247+Ltd%7C%7CBelgium%7C%7C185.210.217.121%7C%7C--%7Ctpthtryd.pro%2Fgo%2F216668%2F456926%7C%7C%7C%7CBrussels%7C%7CBrussels+Capital
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681f:49a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d796a85fd6fa1954d0695faec94661f2376dd3b456a70216d97f4024421666a0

Request headers

:method: GET
:authority: gaming001.site
:scheme: https
:path: /tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://gaming001.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://gaming001.site/

Response headers

status: 200
date: Sun, 15 Mar 2020 21:06:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc33c1a2734f39a315dff05087e9fea3e1584306391; expires=Tue, 14-Apr-20 21:06:31 GMT; path=/; domain=.gaming001.site; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 574932e42b80c303-FRA
content-encoding: br

Redirect headers

status: 302
date: Sun, 15 Mar 2020 21:06:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7db5b85e0985cfa825720c61f66f73dd1584306391; expires=Tue, 14-Apr-20 21:06:31 GMT; path=/; domain=.liveads.online; HttpOnly; SameSite=Lax
location: https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 574932e04df5dff7-FRA

GET
H2

200

Primary Request / Show response
betfirst.dhnet.be/
Redirect Chain

https://banners.livepartners.com/click.php?z=102319&siteid=frshp_
https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

814 KB
157 KB

264ms
212ms

Document
text/html

107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Requested by

Host: gaming001.site
URL: https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

a46c9e251d2d8f5111a3a78917c6cccadb5db6c55f0a565aee6c4df98b8eb74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: betfirst.dhnet.be
:scheme: https
:path: /?idaffiliation=342365&siteid=frshp_&click_id=140649763
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://gaming001.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://gaming001.site/tracking/redirct.php?t=https%3A%2F%2Fbanners.livepartners.com%2Fclick.php%3Fz%3D102319%26siteid%3Dfrshp_

Response headers

status: 200
date: Sun, 15 Mar 2020 21:06:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: lb_sess=1f6864e06bf33199e8528025f38ee2e7; path=/ sbtssid=mrvl01zchxqnp2ndgp1w1q5h; domain=.dhnet.be; path=/; HttpOnly firstrefer=aHR0cHM6Ly9nYW1pbmcwMDEuc2l0ZS8_; domain=.dhnet.be; expires=Wed, 18-Mar-2020 21:06:31 GMT; path=/; secure; HttpOnly firstrequest=aHR0cDovL2JldGZpcnN0LmRobmV0LmJlLz9pZGFmZmlsaWF0aW9uPTM0MjM2NSZzaXRlaWQ9ZnJzaHBfJmNsaWNrX2lkPTE0MDY0OTc2Mw__; domain=.dhnet.be; expires=Wed, 18-Mar-2020 21:06:31 GMT; path=/; secure; HttpOnly lng=169; domain=.dhnet.be; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly oSt2=1; expires=Sun, 15-Mar-2020 22:06:31 GMT; path=/; HttpOnly dTz=; domain=.dhnet.be; expires=Sat, 15-Feb-2020 21:06:31 GMT; path=/; HttpOnly cTz=1; domain=.dhnet.be; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure bVC=1; domain=.dhnet.be; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure first_visit_ssl=first visit to best place to bet; domain=.dhnet.be; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly visid_incap_974085=s9FDR5cWQzyKnyOJ+PIjVNeYbl4AAAAAQUIPAAAAAAAzi10Vw+9ybhRzYiRe5qho; expires=Mon, 15 Mar 2021 07:01:48 GMT; HttpOnly; path=/; Domain=.dhnet.be incap_ses_450_974085=7ikQC5n/XRhHv6Tygbo+BteYbl4AAAAAjSLGGn4rxYjziz2nrQbtMQ==; path=/; Domain=.dhnet.be
cache-control: private
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
x-cdn: Incapsula
x-iinfo: 4-61389037-61367437 PNNy RT(1584306391609 0) q(0 0 0 0) r(1 1) U12

Redirect headers

Server: nginx
Date: Sun, 15 Mar 2020 21:06:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hash=4d26a843-0cb6-4c3f-9d96-03fcd493994b; expires=Tue, 08-Mar-2050 21:06:32 GMT; path=/; SameSite=Lax
Location: https://betfirst.dhnet.be?idaffiliation=342365&siteid=frshp_&click_id=140649763

GET
H2 200 app-desktop.css
betfirst.dhnet.be/css/ 771 KB
143 KB 54ms
53ms Stylesheet
text/css 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://betfirst.dhnet.be/css/app-desktop.css?version=637195220554604148
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: b4eb90671cc031e53ef398ebdc064553b8439e98ca2c76491594ff551c578464

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 15 Mar 2020 21:06:31 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 11:23:35 GMT
x-cdn: Incapsula
etag: "-1418396972"
content-type: text/css
status: 200
x-iinfo: 4-61389128-61363799 2VNN RT(1584306391841 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 145773
expires: Sun, 15 Mar 2020 21:36:31 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 271ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 21:06:32 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1584306392.dop142.fr8.shc,1584306392.dop142.fr8.t,1584306392.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 analytics.js
www.google-analytics.com/ 0
18 KB 6ms
5ms Other
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1677
date: Sun, 15 Mar 2020 20:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sun, 15 Mar 2020 22:38:35 GMT

GET
H2 200 splash.png
betfirst.dhnet.be/imgs/ 50 KB
50 KB 69ms
69ms Image
image/png 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betfirst.dhnet.be/imgs/splash.png

Requested by

Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

0ec181be8c799367a4a4d95d7bbc3695a8dbf18b7a1a66f50ef1a3e8c34a8794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 10:07:28 GMT
x-cdn: Incapsula
etag: "956621822"
content-type: image/png
status: 200
x-iinfo: 4-61389129-61386944 2NNN RT(1584306391850 0) q(0 0 0 -1) r(0 0)
cache-control: public, max-age=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 21:06:32 GMT

GET
H2 200 jsprofile.js Show response
betfirst.dhnet.be/ 2 MB
288 KB 83ms
82ms Script
application/x-javascript 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/jsprofile.js?deviceType=IsDesktop&version=fc8c71041e870471&pageId=13807

Requested by

Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

ea3e37e8f7032d04ffce84e71e08fcda9ec4869957bd5a652c7fd18be8dec52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 14 Mar 2020 19:05:22 GMT
x-cdn: Incapsula
etag: "-1386730313"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
x-iinfo: 4-61389131-61389132 2NNN RT(1584306391856 0) q(0 0 0 -1) r(0 1) U18
cache-control: public, must-revalidate
content-length: 292729
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 21:06:32 GMT

GET
H2 200 sbRespPlatform-vendors.js Show response
cdn.sbtech.com/rj/sb-resp-platform/3.0.40/ 596 KB
178 KB 63ms
19ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-vendors.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 29c6a48ce666976023979ae74e26057b38190c6261ea765caf4eff5e58e7b844

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 08:25:54 GMT
content-encoding: gzip
age: 218438
status: 200
x-guploader-uploadid: AEnB2UoohuaC3NZClXl6qHdt9T7qkZGQGbqJmmEdA7fIsTskwX1RbOGwFXzLQ5l8TUtPiubLmVDZdGZMpt8jjJW0li8jAmTRgSQ7n7C99Rlq58GR9AOB_rA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 181691
last-modified: Thu, 16 Jan 2020 16:18:04 GMT
server: UploadServer
etag: "bebd9a9900898858f56bfc41ef7dc9d8"
vary: Accept-Encoding
x-goog-hash: crc32c=I2f2mA==, md5=vr2amQCJiFj1a/xB733J2A==
x-goog-generation: 1579191484501589
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 181691
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 12 Apr 2020 08:25:54 GMT

GET
H2 200 sbRespPlatform-main.js Show response
cdn.sbtech.com/rj/sb-resp-platform/3.0.40/ 666 KB
173 KB 45ms
44ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cc9a1dc03b815d162607c51e32624b170eedce6f9da4e8fa60e140b2b4346515

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:08:52 GMT
content-encoding: gzip
age: 640660
status: 200
x-guploader-uploadid: AEnB2UpUItkN6V0NAjmIr0o3XfkXgdiGV9RNUqsgqMcfdbkTELfPlWyJAYVeOZ3dH4rzHxJHSKy5oUeGCh-HNf1l5fUvXUituw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 176643
last-modified: Thu, 16 Jan 2020 16:18:04 GMT
server: UploadServer
etag: "036050fbbea17c1b3b7b5deb24ca8216"
vary: Accept-Encoding
x-goog-hash: crc32c=0Go/Mg==, md5=A2BQ+76hfBs7e13rJMqCFg==
x-goog-generation: 1579191484442901
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 176643
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:08:52 GMT

GET
H2 200 sbDataLayer.js Show response
cdn.sbtech.com/rj/sb-data-layer/0.0.20/ 39 KB
12 KB 18ms
18ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-data-layer/0.0.20/sbDataLayer.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 340d3264c5c16be25f564bf87d0f55952d3a44c4f00ae0407c860391a617f9d7

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 07:24:06 GMT
content-encoding: gzip
age: 308546
status: 200
x-guploader-uploadid: AEnB2Uq-V-Mz7Dsb4T-XhkgOLBUBK71JxJy4UD9Zhergbt74pcmS9k2ly7cVvW2T62kfQX9l6VdvqoE8sG_4NUjHaFPgY7fQUhscByW69bBX-26hek26loY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12151
last-modified: Thu, 02 Jan 2020 13:13:55 GMT
server: UploadServer
etag: "b5e04d98f1d37831df11d45f7bfe71cb"
vary: Accept-Encoding
x-goog-hash: crc32c=/Ql24Q==, md5=teBNmPHTeDHfEdRfe/5xyw==
x-goog-generation: 1577970835001118
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 12151
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 11 Apr 2020 07:24:06 GMT

GET
H/1.1 200
OK responsive Show response
bfscripts.dhnet.be/JS/ 563 KB
144 KB 313ms
224ms Script
application/javascript 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/JS/responsive
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 720a8e21d0435b9813d13691a057e9cd3a8f63ac41aaa4cbae87633cc9789c85

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 17:26:48 GMT
Server: Apache
Etag: bf8f93ba52da5afba3e17a1f024cf5ab
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8;
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Sat, 13 Mar 2021 17:26:48 GMT

GET
H2 200 filterblock.js Show response
cdn.sbtech.com/rj/sb-responsive-filter-block/5.0.9/ 63 KB
14 KB 23ms
19ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-filter-block/5.0.9/filterblock.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e83140119dd17d6286fe522c56bc5c6287089c5c70e14242a7e8583ed3415d7

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:05:27 GMT
content-encoding: gzip
age: 640865
status: 200
x-guploader-uploadid: AEnB2UqiWm3jhXZOFb-9olN6L9gbF59acN9jNf_vdPWg0pPDkzzEGplKW6dBrvkzgmRp2t7Kx_agjtljd-pR9VA158_xuQEnlw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13883
last-modified: Wed, 08 Jan 2020 12:27:21 GMT
server: UploadServer
etag: "3e4fa61058d4ddf86c05796f7a764712"
vary: Accept-Encoding
x-goog-hash: crc32c=CRtsGg==, md5=Pk+mEFjU3fhsBXlvenZHEg==
x-goog-generation: 1578486441106744
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 13883
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:05:27 GMT

GET
H2 200 eventlistpresenter.js Show response
cdn.sbtech.com/rj/sb-responsive-event-list-presenter/5.0.26/ 192 KB
41 KB 22ms
18ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-event-list-presenter/5.0.26/eventlistpresenter.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 992791b22901865ec87ad533fe61a4837631a7ae3842c52e0839a5ad79871ae2

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 03:11:14 GMT
content-encoding: gzip
age: 496518
status: 200
x-guploader-uploadid: AEnB2Uqs0eftjrSLfjFKJcU6Z1lCtzFxVTaL8Xmj7_q8MFxAwMbFkC1A5zi12qj0KqHSKsEU1gzG8eCxHIxEqq0ywTI2tPwpCcjL4knH8TLNY9mdwvAelzk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 41860
last-modified: Thu, 09 Jan 2020 12:32:05 GMT
server: UploadServer
etag: "b96b9dd3150432243ee658f46420b912"
vary: Accept-Encoding
x-goog-hash: crc32c=T5324g==, md5=uWud0xUEMiQ+5lj0ZCC5Eg==
x-goog-generation: 1578573125906515
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 41860
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 09 Apr 2020 03:11:14 GMT

GET
H2 200 superbanner.js Show response
cdn.sbtech.com/rj/sb-responsive-super-banner-block/5.0.3/ 114 KB
25 KB 36ms
32ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-super-banner-block/5.0.3/superbanner.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a909c350028cabfa6c53ff323acb265dc24a418441a8478f5af1fb2c23105b5c

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:05:08 GMT
content-encoding: gzip
age: 640884
status: 200
x-guploader-uploadid: AEnB2UrudiwP2jc4cz5cL3YkPgPRqH33-IOI7CXZl6eYaz7jTh3lsx1xb70Tuyq5lrkDSo1Xj10FT5_K8os0-uJ2uJ57QvcxzDgmaEQM1kSHLsaszB_epz4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25246
last-modified: Mon, 06 Jan 2020 15:17:44 GMT
server: UploadServer
etag: "629ee696aed12a9be1174218aa81c3c4"
vary: Accept-Encoding
x-goog-hash: crc32c=MwBpoQ==, md5=Yp7mlq7RKpvhF0IYqoHDxA==
x-goog-generation: 1578323864375704
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 25246
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:05:08 GMT

GET
H2 200 sb-responsive-pulse-bet-blocks.js Show response
cdn.sbtech.com/rj/sb-responsive-pulse-bet-blocks/5.0.1/ 66 KB
14 KB 19ms
19ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-pulse-bet-blocks/5.0.1/sb-responsive-pulse-bet-blocks.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae002abe48ecb126dc1f2e9982c8e341abcc2e285b5e4a1328c531ffad108a84

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:05:36 GMT
content-encoding: gzip
age: 640856
status: 200
x-guploader-uploadid: AEnB2UrHtXYVenIIL-9tHGT9Bgy7QRKLXbWXxzuiHfQQnC0lssKvjZdJWEQzZcCYkY55iIXo_K1r5ZLgTyIQwoCwjGTJa-nXtkVUiiPHlphSvfQeeQhHZX8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13920
last-modified: Thu, 19 Dec 2019 16:16:01 GMT
server: UploadServer
etag: "7ca1dc7ff12aa9e2186952ff31a529ef"
vary: Accept-Encoding
x-goog-hash: crc32c=+rUsqg==, md5=fKHcf/EqqeIYaVL/MaUp7w==
x-goog-generation: 1576772161020727
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 13920
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:05:36 GMT

GET
H2 200 pulsebetmarkets.js Show response
cdn.sbtech.com/rj/sb-responsive-pulse-bet-blocks/5.0.1/ 13 KB
4 KB 35ms
32ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-pulse-bet-blocks/5.0.1/pulsebetmarkets.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 071992dc9c67be37657ff11294a6b58557795aa220cf3d62b1d5563805a12e8b

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:04:59 GMT
content-encoding: gzip
age: 640893
status: 200
x-guploader-uploadid: AEnB2Urv572jLYNorCq6jgiueWMyb2oy1-IlfxBH8hxPpOT1RSZvUcfl1nqkZIEzCo2DDeIAI1JfNKmJWFKmRnxOI4tDqlEMZER-CNWLy0kXj8E6kk7H9a0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 4188
last-modified: Thu, 19 Dec 2019 16:16:01 GMT
server: UploadServer
etag: "af3844a617015148a3047a9e3cd3d7bc"
vary: Accept-Encoding
x-goog-hash: crc32c=qIJS2A==, md5=rzhEphcBUUijBHqePNPXvA==
x-goog-generation: 1576772161011601
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 4188
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:04:59 GMT

GET
H2 200 mypulsebets.js Show response
cdn.sbtech.com/rj/sb-responsive-pulse-bet-blocks/5.0.1/ 31 KB
7 KB 35ms
31ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-pulse-bet-blocks/5.0.1/mypulsebets.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 10c355c5254ff20be77c012713e4929cd8b36039b2b94da90f6593191038d0ed

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 03:16:58 GMT
content-encoding: gzip
age: 496174
status: 200
x-guploader-uploadid: AEnB2UrkY3-Qc6jj6Ia-n5NFGvH3P3DiXg8D5rW3Edrf9nw9t9dp7laDdRWq0VdNS7hdvb-mQO6gFki7nGN_gZXA0rOVSCkbg7jdQYhh-6a2wGDWZ2DhI0k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 7317
last-modified: Thu, 19 Dec 2019 16:16:01 GMT
server: UploadServer
etag: "8263b73f12ee5aba7459422d2d6dbfc0"
vary: Accept-Encoding
x-goog-hash: crc32c=7jn71A==, md5=gmO3PxLuWrp0WUItLW2/wA==
x-goog-generation: 1576772161046319
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 7317
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 09 Apr 2020 03:16:58 GMT

GET
H2 200 scoreboard.js Show response
cdn.sbtech.com/rj/sb-responsive-scoreboard-block/5.0.0/ 20 KB
5 KB 34ms
31ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-scoreboard-block/5.0.0/scoreboard.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d33d230489db60bae6b5f44efaec769376ce1bfa837d5e5d67b2deb7b7d183d7

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 18:43:33 GMT
content-encoding: gzip
age: 613379
status: 200
x-guploader-uploadid: AEnB2UqnJxAgXAMD866gccAGB9izpexUsMDQADnzVXDcWMKkTpjk43_ie9AqYf4Kd7z5XYH4DiMFzXp2ANGUCHYnDY_kjH2mJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 4459
last-modified: Tue, 03 Dec 2019 14:48:11 GMT
server: UploadServer
etag: "43680b35d669cb574702961474d7f573"
vary: Accept-Encoding
x-goog-hash: crc32c=D7fjlA==, md5=Q2gLNdZpy1dHApYUdNf1cw==
x-goog-generation: 1575384491638728
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 4459
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 18:43:33 GMT

GET
H2 200 leaguelistpresenter.js Show response
cdn.sbtech.com/rj/sb-responsive-league-list-presenter/5.0.1/ 37 KB
9 KB 34ms
30ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-responsive-league-list-presenter/5.0.1/leaguelistpresenter.js
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce65bca3cfad0e21bb5300712d2b1ac622bf5cddefaf0b759956e3be8a6aac1a

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:05:27 GMT
content-encoding: gzip
age: 640865
status: 200
x-guploader-uploadid: AEnB2UqtkI2TV1sNnLFGS2H6E8IKaNspBzsZBstTE6IvE4w6HHT6BjhDgeitale7gPZ6IbAS1XHTAu_P2U-scqzfw3pAjD9XMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8744
last-modified: Thu, 19 Dec 2019 13:56:56 GMT
server: UploadServer
etag: "b3791983802afe42021d8221663b1daa"
vary: Accept-Encoding
x-goog-hash: crc32c=2cPWxg==, md5=s3kZg4Aq/kICHYIhZjsdqg==
x-goog-generation: 1576763816982972
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 8744
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:05:27 GMT

GET
H2 200 25921
betfirst.dhnet.be/img/ 4 KB
5 KB 49ms
45ms Image
image/jpeg 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/img/25921
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: 7e6bc8ed84fa35062db0da87183f9a5cedf914980b9455c42addb0bb2a0d154b

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Thu, 27 Feb 2020 14:59:52 GMT
x-cdn: Incapsula
etag: "-1141033553"
content-type: image/jpeg
status: 200
x-iinfo: 4-61389147-61382918 2VNN RT(1584306392121 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=18144000, public
content-length: 4470
expires: Sun, 11 Oct 2020 21:06:32 GMT

GET
H2 200 25861
betfirst.dhnet.be/img/ 2 KB
2 KB 49ms
46ms Image
image/jpeg 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/img/25861
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: 6388132a57eb359cc6c2fc7f90a007565d468e5041aef89f74bf9e1279b27759

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Thu, 27 Feb 2020 12:50:55 GMT
x-cdn: Incapsula
etag: "-1487481233"
content-type: image/jpeg
status: 200
x-iinfo: 4-61389148-61389132 2VNN RT(1584306392122 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=18144000, public
content-length: 2137
expires: Sun, 11 Oct 2020 21:06:32 GMT

GET
H2 200 25872
betfirst.dhnet.be/img/ 2 KB
3 KB 57ms
54ms Image
image/jpeg 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/img/25872
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: 4313462fb7fe3fa2758ac01c67fbe9b5cfc5380b1a5c9738f9985731f598d070

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Thu, 27 Feb 2020 13:43:22 GMT
x-cdn: Incapsula
etag: "198149223"
content-type: image/jpeg
status: 200
x-iinfo: 4-61389149-61382941 2VNN RT(1584306392123 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=18144000, public
content-length: 2475
expires: Sun, 11 Oct 2020 21:06:32 GMT

GET
H/1.1 200
OK logo_en.png
bfscripts.dhnet.be/themes/sbtech/images/ 6 KB
6 KB 108ms
30ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/logo_en.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 90c5090b16e98683abf6d01d98068a180fec423ea73a9b42d2b426094ff2ba42

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb2d5-1780-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6016

GET
H2 200 21220
betfirst.dhnet.be/img/ 99 B
275 B 56ms
53ms Image
image/png 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/img/21220
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: 1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Wed, 27 Mar 2019 14:08:21 GMT
x-cdn: Incapsula
etag: "-1552550963"
content-type: image/png
status: 200
x-iinfo: 4-61389150-61386944 2VNN RT(1584306392123 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=18144000, public
content-length: 99
expires: Sun, 11 Oct 2020 21:06:32 GMT

GET
H/1.1 200
OK ing.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 110ms
27ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/ing.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5139e29b0515a758fcaeb922052bfbfb35eff2247183ae9ee4f9d1f503065ede

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbf25-a62-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2658

GET
H/1.1 200
OK belfius.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 2 KB
3 KB 110ms
27ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/belfius.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 0daa2ce37a5db04a94319e654d55ddc2d4224cdc34586ae800173f6b5f2873f1

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb310-9b3-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2483

GET
H/1.1 200
OK betfirstcard_fr.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 109ms
26ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/betfirstcard_fr.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 58c9cb8655aac6c07086077272ad4d7ba0bcc394100830d9c624b095c2ca1979

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbf14-a51-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2641

GET
H/1.1 200
OK paysafe.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 4 KB
4 KB 119ms
29ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/paysafe.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 6d63840a9fdf354d85f10f985058b2f597e9c633e847e1e28ed4f0d93cb38bd8

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbf34-f20-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3872

GET
H/1.1 200
OK skrill.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 2 KB
2 KB 29ms
27ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/skrill.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5e52d804dd733ac48a4d0fb4a9258f4e7d319781d0e73ffb5ea36c8e85af6aca

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb339-697-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1687

GET
H/1.1 200
OK paypal.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 32ms
31ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/paypal.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 9f2865df28f960748612f744e0bb48c72e3fd8e096e1ff077b6bb36fc3b9cb99

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb331-a92-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2706

GET
H/1.1 200
OK neteller.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 2 KB
2 KB 33ms
32ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/neteller.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 2a7e9db78bbb6e78c47f993655f16a9d346c1a25393e844d216344751f0c8634

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb32e-7bc-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1980

GET
H/1.1 200
OK ticketpremium.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 32ms
31ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/ticketpremium.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: d11e202a79e345d4d0d06b57e7756aa9f279e35a76a8320d37828631c4c17d55

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb340-c90-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3216

GET
H/1.1 200
OK payment_method_trustly.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
4 KB 29ms
28ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/payment_method_trustly.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 467c895ede01c5acb8875d6c91fdc42dde6f71fc1b49e9e05921d27a526721ce

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbf31-cb6-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3254

GET
H/1.1 200
OK payment_method_visa_debit_card.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 4 KB
5 KB 25ms
25ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/payment_method_visa_debit_card.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 7617fd4b5dde813f0f8c41bd32f92723715f8f972aa6f527c1468d1be791e898

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb330-1127-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4391

GET
H/1.1 200
OK telenet_superprestige_logo.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 6 KB
6 KB 26ms
25ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/telenet_superprestige_logo.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 4adb16edba66488079a49b3e235c64d06468f1e13032db1ce057e498ccc147b1

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb33f-1893-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6291

GET
H/1.1 200
OK ethias-cross.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 10 KB
10 KB 43ms
43ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/ethias-cross.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: d55a2d4e274c328f9497e16df55d31af98016b927cb0e35b44d0ea2c4889cc54

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb31c-27a0-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10144

GET
H/1.1 200
OK genk_logo.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 6 KB
6 KB 25ms
24ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/genk_logo.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 882d1673c8cd3b55c00e9e8affd5070f0f22082a8201226c1b936421b318f01c

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb31f-171b-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5915

GET
H/1.1 200
OK kkc_logo.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 38ms
37ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/kkc_logo.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 6e314329fb95a1689b99a37bc602ee6a7c32526fd7e547fa677656f052be1ad1

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbf28-b9c-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2972

GET
H/1.1 200
OK kvo_logo.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 4 KB
5 KB 26ms
26ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/kvo_logo.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 99a57664ff0ad0e1616b02729249a242b27def858140490544e72bb0bc92f128

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb327-1105-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4357

GET
H/1.1 200
OK zulte_waregem_logo.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 4 KB
5 KB 25ms
25ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/zulte_waregem_logo.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5a51029da29b6118d8994f200979bdb86e51b4bfce9d8a74868e1dc73efdf477

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb345-11c6-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4550

GET
H/1.1 200
OK twitter.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 4 KB
4 KB 26ms
26ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/twitter.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: ca4ea8108c600d392e739f6ea9f6654487a83b720998193b0c1ec132228008d3

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb341-e63-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3683

GET
H/1.1 200
OK facebook.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 2 KB
2 KB 26ms
26ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/facebook.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 93d4ebb3c3ec8a4ba0a55161735aae205b9d6db1b25168dc6f9e46018b0bc21c

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb31d-787-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1927

GET
H/1.1 200
OK youtube.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 27ms
27ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/youtube.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 287c18507d2949a73ac69ad08bac34b2d2932e81e8b5f8bdd1fe018ac943caa7

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb344-c01-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3073

GET
H/1.1 200
OK instagram.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 6 KB
6 KB 26ms
25ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/instagram.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: dc34c1c1e77e6deca94cc12af1105198b0aa4b23adcbce64057400bdc1f480d8

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb324-1880-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6272

GET
H/1.1 200
OK gamcare.png
bfscripts.dhnet.be/themes/sbtech/images/footer/ 3 KB
3 KB 26ms
25ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/footer/gamcare.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 8c4c3ba3d202fd86bd5042e87a7c9910081e8e5d63dc4a6017004231c49eae51

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:23 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4fb31e-c05-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3077

GET
H2 200 sbUserLib.js Show response
cdn.sbtech.com/rj/sb-user-lib/5.0.3/ 30 KB
8 KB 32ms
30ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-user-lib/5.0.3/sbUserLib.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 55bf12aa7be76872b61f602e11a04b67b9796a2e586363a861b6cd85b98cdd75

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 11:28:06 GMT
content-encoding: gzip
age: 1676306
status: 200
x-guploader-uploadid: AEnB2Up8rax-A5uYlw7e16rJzEy-CB-l2t7302AOoVxS711WvlwcP1LHxjmO4drXIlYPspYSAVshL-bxLxoZy4gXoyooBv9QlA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 7564
last-modified: Wed, 18 Dec 2019 16:49:10 GMT
server: UploadServer
etag: "29ff63a237687b897f7f759177a910a1"
vary: Accept-Encoding
x-goog-hash: crc32c=hCG5WQ==, md5=Kf9jojdoe4l/f3WRd6kQoQ==
x-goog-generation: 1576687750258504
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 7564
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 26 Mar 2020 11:28:06 GMT

GET
H2 200 sbMathOperations.js Show response
cdn.sbtech.com/rj/sb-math-operations/2.0.0/ 2 KB
978 B 32ms
29ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-math-operations/2.0.0/sbMathOperations.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1c00c5f5e1ee4c5edd22a08062d34f7fd246cf1048fa240350a672c77a419799

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 11:29:39 GMT
content-encoding: gzip
age: 1676213
status: 200
x-guploader-uploadid: AEnB2Uok4e9msS9VP8UvGKILqbO471_i-gp2frkc_FFvLc4hJPxRdLEiuWLwufxtjV-aoiRR-3_gAC2KXJnJCbc3I52T37Vo4g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 681
last-modified: Tue, 19 Nov 2019 12:07:18 GMT
server: UploadServer
etag: "ad7a2d89b1e95fa81eb07b9539b7f65e"
vary: Accept-Encoding
x-goog-hash: crc32c=N/+D3g==, md5=rXotibHpX6gesHuVObf2Xg==
x-goog-generation: 1574165238810224
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 681
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 26 Mar 2020 11:29:39 GMT

GET
H2 200 sbCombinationCalculations.js Show response
cdn.sbtech.com/rj/sb-combination-calculations/2.0.0/ 2 KB
1 KB 31ms
29ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-combination-calculations/2.0.0/sbCombinationCalculations.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 39a0fc79a1e22a96800d5b6e251511ed927caea2a1fbdc89155ea6b302933e46

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:07:41 GMT
content-encoding: gzip
age: 640731
status: 200
x-guploader-uploadid: AEnB2UqRa0wdI-vHWFcP5IUSGA1qgcmcC6SlRjdjP80oDqEtjIo2WqoGySG9aBYFjfAfwRwJfDaVB1ZkcvMbhRav0kh1kmHs0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 874
last-modified: Tue, 19 Nov 2019 12:06:55 GMT
server: UploadServer
etag: "756e450842ecedcc036b53bae7a7c9f2"
vary: Accept-Encoding
x-goog-hash: crc32c=HQJJyg==, md5=dW5FCELs7cwDa1O656fJ8g==
x-goog-generation: 1574165215154637
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 874
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:07:41 GMT

GET
H2 200 sbBetslipLib.js Show response
cdn.sbtech.com/rj/sb-betslip-lib/5.0.24/ 643 KB
137 KB 25ms
23ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-betslip-lib/5.0.24/sbBetslipLib.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f36eea80083805bf01806612e02d81153e420a170da59bc587bf0be2d32bf540

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 11:32:16 GMT
content-encoding: gzip
age: 1676056
status: 200
x-guploader-uploadid: AEnB2UpGo9RbLqMUYzwqVJCvLw8zLNYWZLqGd-Yav0JpO6oe3cvr9fBXOjy8Mcd9hVj5ryKX3_R8a9X9hgRXQBG-khwySyT-Cw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 139823
last-modified: Thu, 16 Jan 2020 16:02:21 GMT
server: UploadServer
etag: "a43fa27f48b5150b0cddcf1d2cec6646"
vary: Accept-Encoding
x-goog-hash: crc32c=GU8rRQ==, md5=pD+if0i1FQsM3c8dLOxmRg==
x-goog-generation: 1579190541434950
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 139823
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 26 Mar 2020 11:32:16 GMT

GET
H2 200 sbBetslipUtilsContracts.js Show response
cdn.sbtech.com/rj/sb-betslip-utils-contracts/2.0.3/ 2 KB
1 KB 18ms
18ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-betslip-utils-contracts/2.0.3/sbBetslipUtilsContracts.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4b49a7af56086747d034f4991d2b8ebe61c3aec808ad5c8120ea502e3e073f17

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 11:05:28 GMT
content-encoding: gzip
age: 640864
status: 200
x-guploader-uploadid: AEnB2UrLo3pHPsvK-GGAQbFZuFDilFkcstvi1II8Eikb1uB0mQPCYyRoaGtkMwy1pE6fsNZew6qLS8o543unCzF7ns6zEmcezfcny4sjfzzELQESQkPPHtc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 921
last-modified: Tue, 14 Jan 2020 10:34:39 GMT
server: UploadServer
etag: "20a751207cd1687937dc9496a0e9e3af"
vary: Accept-Encoding
x-goog-hash: crc32c=yIa6xw==, md5=IKdRIHzRaHk33JSWoOnjrw==
x-goog-generation: 1578998079686308
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 921
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Apr 2020 11:05:28 GMT

GET
H2 200 sbBetslipUtils.js Show response
cdn.sbtech.com/rj/sb-betslip-utils/2.0.3/ 8 KB
3 KB 18ms
18ms Script
application/javascript 35.186.198.29
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sbtech.com/rj/sb-betslip-utils/2.0.3/sbBetslipUtils.js?version=fc8c71041e870471
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.198.29 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.198.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 177700574c7670de0140b56f43c57f2502d91abe5b8835d1a0cc60f7f87d6751

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 11:31:54 GMT
content-encoding: gzip
age: 1676078
status: 200
x-guploader-uploadid: AEnB2Uo9NsL-Xb2NvxHiVs8ODiwaFVwil_OcgI68xUCztF-wHgaLOf3fyMBaj2yT6I-ijwaOktzO1pCvuxXXdgO3KFBwyAxiAw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 2749
last-modified: Tue, 14 Jan 2020 10:44:56 GMT
server: UploadServer
etag: "ada5f32a5388b24d85048d5a08bfa750"
vary: Accept-Encoding
x-goog-hash: crc32c=lOcnBg==, md5=raXzKlOIsk2FBI1aCL+nUA==
x-goog-generation: 1578998696186040
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 2749
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 26 Mar 2020 11:31:54 GMT

GET
H2 200 _Incapsula_Resource Show response
betfirst.dhnet.be/ 126 KB
18 KB 28ms
26ms Script
application/javascript 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://betfirst.dhnet.be/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1668121295
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: 4c5250524bd6cb064182c05d9f9a8ba75599e0e90c24ae1d9aae31a69aa68aed

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 18187
content-type: application/javascript

GET
H2 200 GetServerTime Show response
betfirst.dhnet.be/pagemethods_ros.aspx/ 33 B
352 B 41ms
40ms XHR
application/json 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/pagemethods_ros.aspx/GetServerTime?

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

04f8cff3d15d004111aa40cbe0c5276552324f23e61d2bf0458a468eec740323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: AJAXService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
X-JWToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJtcnZsMDF6Y2h4cW5wMm5kZ3AxdzFxNWgiLCJTaXRlSUQiOiIyOCIsIm5iZiI6MTU4NDMwNjM5MSwiZXhwIjoxNTg0OTExMTkxLCJpYXQiOjE1ODQzMDYzOTF9.HB2y0yezL4QFepN_IX6sjqIYJsEMdfds6bSHsu3y8jo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 4-61389160-61367437 PNNy RT(1584306392212 0) q(0 0 0 -1) r(0 0) U2
cache-control: private
content-type: application/json; charset=utf-8
x-xss-protection: 1; mode=block
expires: Sun, 15 Mar 2020 20:56:32 GMT

GET
H2 200 28 Show response
sbapi.sbtech.com/betfirst/auth/platform/v1/api/GetTokenBySiteId/ 254 B
455 B 116ms
66ms Fetch
text/javascript 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sbapi.sbtech.com/betfirst/auth/platform/v1/api/GetTokenBySiteId/28

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

112.84.190.35.bc.googleusercontent.com

Software

Resource Hash

f10eef05b3d83ccc493fcc09f40a64b792f8297e712033f764c646e25af3cb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 21:06:32 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-store,no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK jsonp Show response
bfscripts.dhnet.be/check/ 59 B
1 KB 85ms
85ms Script
text/html 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/check/jsonp?callback=jQuery33105892133655766794_1584306392591&_=1584306392592
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 4a53f03e48e085a072f9673c4615af492f64208c3aff5412b0375808fdc7f4d4

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 79
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK store Show response
bfscripts.dhnet.be/cross/ 47 B
1 KB 84ms
84ms Script
text/javascript 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/cross/store?callback=jQuery33105892133655766794_1584306392593&_=1584306392594
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 1159d590e82057263848e1f048de86295796a2ba4f689bdce40096df97722a25

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 67
Expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 204 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 0
160 B 30ms
30ms XHR
text/plain 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

OPTIONS
H2 204 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 0
44 B 32ms
32ms XHR
text/plain 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
41 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXLHKF

Requested by

Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/JS/responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baea1b21da1f628e3efa60f987759c2965056a54666e8420debc37b641da0e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 41993
x-xss-protection: 0
expires: Sun, 15 Mar 2020 21:06:32 GMT

POST
H2 200 post_tracking Show response
betfirstcasino.be/ajax/ 4 B
960 B 203ms
152ms XHR
application/json 2606:4700:3037::681c:606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://betfirstcasino.be/ajax/post_tracking
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: */*
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 574932ec2ed51f1d-FRA
status: 200
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://betfirst.dhnet.be
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK CSS
bfscripts.dhnet.be/ 54 KB
11 KB 106ms
106ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/CSS
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/JS/responsive
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 817f33032e5fc4f327894a999fa91a5279d70de72f35fcea4ca86b2df5796c68

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 17:04:09 GMT
Server: Apache
Etag: d21e3b035dd4557db36fe519b371a787
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 9461
Expires: Sat, 13 Mar 2021 17:04:09 GMT

GET
H2 200 26128
betfirst.dhnet.be/img/ 102 KB
102 KB 45ms
45ms Image
image/png 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/img/26128
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: e62f6120bbc90956bbfd0cbb7a97b159e1ec4944781dd67cb4dcc07ebce710c7

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Fri, 13 Mar 2020 13:05:03 GMT
x-cdn: Incapsula
etag: "740534307"
content-type: image/png
status: 200
x-iinfo: 4-61389195-61375656 2VNN RT(1584306392482 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=18144000, public
content-length: 104424
expires: Sun, 11 Oct 2020 21:06:32 GMT

GET
H/1.1 200
OK en_flag_popup.jpg
bfscripts.dhnet.be/uploads/images/ 2 KB
2 KB 23ms
23ms Image
image/jpeg 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/uploads/images/en_flag_popup.jpg
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 2c84c0121437dfc3a1dfddf56d8d555dcd98bcd9adfdf7bcd00515563d765721

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Tue, 25 Feb 2020 15:43:47 GMT
Server: Apache
ETag: "47dc34-88b-59f685a7b52c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2187

GET
H/1.1 200
OK fr_flag_popup.jpg
bfscripts.dhnet.be/uploads/images/ 3 KB
3 KB 26ms
25ms Image
image/jpeg 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/uploads/images/fr_flag_popup.jpg
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5368c8daff69b1c77f926b0d2fc569fa4bf13bdd739f61ac12da3baf40866c67

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Tue, 25 Feb 2020 15:43:52 GMT
Server: Apache
ETag: "47dc35-b5a-59f685ac79e00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2906

GET
H/1.1 200
OK nl_flag_popup.jpg
bfscripts.dhnet.be/uploads/images/ 3 KB
3 KB 29ms
28ms Image
image/jpeg 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/uploads/images/nl_flag_popup.jpg
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5368c8daff69b1c77f926b0d2fc569fa4bf13bdd739f61ac12da3baf40866c67

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Tue, 25 Feb 2020 15:43:58 GMT
Server: Apache
ETag: "47dc36-b5a-59f685b232b80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2906

GET
H/1.1 200
OK tr_flag_popup.jpg
bfscripts.dhnet.be/uploads/images/ 4 KB
4 KB 42ms
24ms Image
image/jpeg 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/uploads/images/tr_flag_popup.jpg
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5adac2c15ed114270681a45d295cd2aedb5a71fc4ea0e6299ba3b65d28b73fcd

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Tue, 25 Feb 2020 15:44:03 GMT
Server: Apache
ETag: "47dc37-f00-59f685b6f76c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3840

GET
H2 200 roboto.woff2
betfirst.dhnet.be/css/shared/fonts/ 19 KB
20 KB 56ms
56ms Font
application/font-woff2 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/css/shared/fonts/roboto.woff2

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

1706e244616fe7d32d774dbfb695ee3fd6434a3eca86485a4f95f0a415219a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://betfirst.dhnet.be/css/app-desktop.css?version=637195220554604148
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Feb 2020 10:07:20 GMT
x-cdn: Incapsula
etag: "637236678"
content-type: application/font-woff2
status: 200
x-iinfo: 4-61389197-61379581 2NNN RT(1584306392495 0) q(0 0 0 -1) r(1 1)
cache-control: public
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 21:06:32 GMT

POST
H2 200 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 5 KB
835 B 54ms
54ms XHR
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4cb75202d95ece49058a6845accb7e9d718e1d4e469e22c8af0702b489f01b84

Request headers

Origin: https://betfirst.dhnet.be
locale: fr
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Content-Type: application/json-patch+json
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 614 B
316 B 45ms
44ms XHR
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 79be4ff5a8f90e2ffc282d3b56cb747be83e7b5782183ffb053b52c523c8fcea

Request headers

Origin: https://betfirst.dhnet.be
locale: fr
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Content-Type: application/json-patch+json
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 /
betfirst.dhnet.be/img/15157/ 2 KB
2 KB 78ms
78ms Image
image/jpeg 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/img/15157/
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: 662085a598023c202d1f5ccafac2c51298ce90e7e8b4da716f286981f6fd5d94

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Wed, 03 Jan 2018 14:07:26 GMT
x-cdn: Incapsula
etag: "1503737139"
content-type: image/jpeg
status: 200
x-iinfo: 4-61389198-61382941 2VNN RT(1584306392508 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=18144000, public
content-length: 1550
expires: Sun, 11 Oct 2020 21:06:32 GMT

OPTIONS
H2 204 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 0
44 B 39ms
39ms Fetch 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

OPTIONS
H2 204 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 0
44 B 38ms
38ms Fetch 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

GET
H/1.1 200
OK promo_widget Show response
bfscripts.dhnet.be/responsive/ 48 B
1 KB 72ms
71ms Script
text/html 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/responsive/promo_widget?lang=fr&callback=jQuery33105892133655766794_1584306392595&ids=580-345-578&_=1584306392596
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 225ef46e524fc10f3943da1ccb41fd95da5d633d1a02d1be472fabbdf11e813d

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 68
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXLHKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1678
date: Sun, 15 Mar 2020 20:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sun, 15 Mar 2020 22:38:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 46ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 04:51:11 GMT
x-msedge-ref: Ref A: 16C48642E2864A8DBEC7378C0666D98F Ref B: FRAEDGE1107 Ref C: 2020-03-15T21:06:33Z
access-control-allow-origin: *
etag: "8094a4f3f8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7446

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: Aw3G+5GoWLe26Qh1kGvit9v05GgAuMkjvLe01D4t+w0zxKkDdog3qdClI79NVBgUecNvJ8aWz5+xlryFSuwoHg==
x-fb-trip-id: 1850256238
date: Sun, 15 Mar 2020 21:06:33 GMT, Sun, 15 Mar 2020 21:06:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 2 KB
1 KB 38ms
14ms Script
application/javascript 2606:4700:20::6819:5c6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clickcease.com/monitor/stat.js
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5c6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824039f151d4c19664aaa872676e0de0d3b6d52a08badac0d529cba31f0d1752

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 213853
status: 200
access-control-max-age: 1728000
last-modified: Tue, 31 Dec 2019 13:33:57 GMT
server: cloudflare
etag: W/"621-59b00031653d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 574932ec8ff5980e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Sat, 14 Mar 2020 06:51:02 GMT

GET
H/1.1 200
OK last.php
www.betfirst.be/ 46 B
46 B 144ms
34ms Image
image/gif 109.169.22.152
IOMART-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.betfirst.be/last.php?product=sport
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.22.152 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

OPTIONS
H2 204 GetCountByTag Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Events/ 0
44 B 29ms
29ms XHR
text/plain 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Events/GetCountByTag
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

OPTIONS
H2 204 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 0
44 B 28ms
27ms Fetch 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

OPTIONS
H2 204 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 0
44 B 28ms
28ms Fetch 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

POST
H2 200 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 42 KB
5 KB 50ms
50ms Fetch
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 5111f0bb5dc20c0b2e93584e1624cb115441be914e8dbbf48c32ca52aa0287d0

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
locale: fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json-patch+json

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 5 KB
853 B 46ms
46ms Fetch
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4cb75202d95ece49058a6845accb7e9d718e1d4e469e22c8af0702b489f01b84

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
locale: fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json-patch+json

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 GetCountByTag Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Events/ 24 B
111 B 49ms
49ms XHR
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Events/GetCountByTag
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: f900ef5844de56dd3c461f4640348e011d4c820e8a8ecb5d8adae18d8f74def6

Request headers

Origin: https://betfirst.dhnet.be
locale: fr
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Content-Type: application/json-patch+json
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 Sports Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/ 5 KB
808 B 90ms
90ms Fetch
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Sports
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4cb75202d95ece49058a6845accb7e9d718e1d4e469e22c8af0702b489f01b84

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
locale: fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json-patch+json

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 42 KB
5 KB 56ms
56ms Fetch
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 5111f0bb5dc20c0b2e93584e1624cb115441be914e8dbbf48c32ca52aa0287d0

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
locale: fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json-patch+json

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK loading_white.png
bfscripts.dhnet.be/themes/sbtech/images/ 27 KB
27 KB 27ms
27ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/loading_white.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5feaa78d53590713e1e3a9650ce12c53d9760133151cd9279d0aa21a0044dcaf

Request headers

Referer: https://bfscripts.dhnet.be/CSS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbed6-6a9e-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 27294

GET Roboto-Bold-Latin.woff2
bfscripts.dhnet.be/fonts/ 0
0

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1411679744&t=pageview&_s=1&dl=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&dr=https%3...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26276393-5&cid=986037015.1584306393&jid=1648193712&_gid=1859005204.1584306393&gjid=1985947264&_v=j81&z=1502231125

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26276393-5&cid=986037015.1584306393&jid=1648193712&_gid=1859005204.1584306393&gjid=1985947264&_v=j81&z=1502231125

Requested by

Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sun, 15 Mar 2020 21:06:33 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Mar 2020 21:06:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26276393-5&cid=986037015.1584306393&jid=1648193712&_gid=1859005204.1584306393&gjid=1985947264&_v=j81&z=1502231125
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1542674242665587 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1542674242665587?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48304c87958de38f555cf47c2da046e69a69b70e72fcd7b11fa03b76a8b19920

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: hA1KbDyHtEDhO6sB91y9UP1ukrCyl9J0v/2PsBKhHGg7oSIgoqJErSJsN13n9UuvfQgVADZXXz00yVGnCExZew==
x-fb-trip-id: 1850256238
date: Sun, 15 Mar 2020 21:06:33 GMT, Sun, 15 Mar 2020 21:06:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.0/ 29 KB
10 KB 23ms
23ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.0/fingerprint2.min.js

Requested by

Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2878e261f4608effb59d39ee9e01dd3ea7c16c7ff60b470ee8032009c8994099

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 11887007
cf-ray: 574932ed3b179760-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Tue, 09 Oct 2018 20:45:54 GMT
server: cloudflare
etag: W/"5bbd1382-7255"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 05 Mar 2021 21:06:33 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=19000511&Ver=2&mid=0748269b-73bf-8d5b-c17c-8f49078b692b&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paris%20Sportifs%20%7C%20Paris%20en%20Ligne%20%7C%20betFIRST&p=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&r=https%3A%2F%2Fgaming001.site%2F&evt=pageLoad&msclkid=N&rn=960112
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Sun, 15 Mar 2020 21:06:32 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: AC03E3DC219E44C79D774CB59EC6517C Ref B: FRAEDGE1107 Ref C: 2020-03-15T21:06:33Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5317137&Ver=2&mid=7fdb5e33-8221-eed9-a5bc-536623d3fe14&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paris%20Sportifs%20%7C%20Paris%20en%20Ligne%20%7C%20betFIRST&p=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&r=https%3A%2F%2Fgaming001.site%2F&evt=pageLoad&msclkid=N&rn=993166
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Sun, 15 Mar 2020 21:06:32 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D8ED154FC8BE40D3B9FD3FAEA5C13100 Ref B: FRAEDGE1107 Ref C: 2020-03-15T21:06:33Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 0
44 B 30ms
30ms Fetch 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

OPTIONS
H2 204 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 0
44 B 29ms
29ms Fetch 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://betfirst.dhnet.be
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,locale

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-max-age: 28800
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
status: 204
access-control-allow-headers: authorization,content-type,locale
alt-svc: clear

GET
H2 200 cc-snapshot.js Show response
www.clickcease.com/monitor/ 18 KB
6 KB 15ms
15ms Script
application/javascript 2606:4700:20::6819:5c6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clickcease.com/monitor/cc-snapshot.js
Requested by: Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5c6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f87295a5df9b3adbd0623870bc4be26ae25bd8cdbfb6497e451a6cb860fe156

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 282766
status: 200
access-control-max-age: 1728000
last-modified: Thu, 05 Mar 2020 14:32:57 GMT
server: cloudflare
etag: W/"4677-5a01c69bdb933"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 574932ed9921980e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Thu, 19 Mar 2020 14:33:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1542674242665587&ev=PageView&dl=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&rl=https%3A%2F%2Fgaming001.site%2F&if=false&ts=1584306393243&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584306393242.898662433&it=1584306393141&coo=false&rqm=GET

Requested by

Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT, Sun, 15 Mar 2020 21:06:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 15 Mar 2020 21:06:33 GMT

POST
H2 200 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 21 KB
3 KB 50ms
49ms Fetch
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b159f58916f7f011a3f90ecff29554424b3d15db94e834efe7974fbb77ee97f8

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
locale: fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json-patch+json

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 cc-recorder.js Show response
www.clickcease.com/monitor/ 3 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:20::6819:5c6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clickcease.com/monitor/cc-recorder.js
Requested by: Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5c6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65f8a0060acd82c783c110fa4cf3258aa1e260fc48225ffb812c5dd5bc43c9f

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 169743
status: 200
access-control-max-age: 1728000
last-modified: Mon, 23 Dec 2019 12:13:01 GMT
server: cloudflare
etag: W/"c43-59a5df2efbfd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 574932edc965980e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Wed, 18 Mar 2020 14:22:07 GMT

POST
H2 200 GetBySportId Show response
sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/ 21 KB
3 KB 47ms
47ms Fetch
application/json 35.190.84.112
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sbapi.sbtech.com/betfirst/sportscontent/sportsbook/v1/Leagues/GetBySportId
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.84.112 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 112.84.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b159f58916f7f011a3f90ecff29554424b3d15db94e834efe7974fbb77ee97f8

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTaXRlSWQiOjI4LCJTZXNzaW9uSWQiOiJkZTMwOTVjYy0yNWYzLTRiNzMtOTZiNC0wNTZkMThmMmQxZmQiLCJuYmYiOjE1ODQzMDYzOTIsImV4cCI6MTU4NDkxMTE5MiwiaWF0IjoxNTg0MzA2MzkyfQ.aev7UIDr6EVztjzzeygK2qmcy_zc2T9Yq2AyoWssUAM
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
locale: fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json-patch+json

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK Cookie set mini2 Show response
bfscripts.dhnet.be/PronoFoot/active/ Frame 6132 39 KB
8 KB 103ms
102ms Document
text/html 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 5788dfd19c14ad0e7ddca4af80325ea0aca3c416fd62b28548631dc107788bda

Request headers

Host: bfscripts.dhnet.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: sbtssid=mrvl01zchxqnp2ndgp1w1q5h; firstrefer=aHR0cHM6Ly9nYW1pbmcwMDEuc2l0ZS8_; firstrequest=aHR0cDovL2JldGZpcnN0LmRobmV0LmJlLz9pZGFmZmlsaWF0aW9uPTM0MjM2NSZzaXRlaWQ9ZnJzaHBfJmNsaWNrX2lkPTE0MDY0OTc2Mw__; lng=169; cTz=1; bVC=1; first_visit_ssl=first visit to best place to bet; visid_incap_974085=s9FDR5cWQzyKnyOJ+PIjVNeYbl4AAAAAQUIPAAAAAAAzi10Vw+9ybhRzYiRe5qho; incap_ses_450_974085=7ikQC5n/XRhHv6Tygbo+BteYbl4AAAAAjSLGGn4rxYjziz2nrQbtMQ==; dTz=+1; WEBBALANCER=balancer.web3; DHGMS=aqmets5meguq1nruhu41ps9gf3; current_lang=fr; _responsive=_responsive; click_id=140649763; idaffiliation_custom_for_register={"siteid":"frshp_","click_id":"140649763"}; idaffiliation_for_register=342365; userLang=fr; lang=fr; _gcl_au=1.1.439903318.1584306393; _ga=GA1.2.986037015.1584306393; _gid=GA1.2.1859005204.1584306393; _gat_UA-26276393-5=1; _fbp=fb.1.1584306393242.898662433
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6397
Content-Type: text/html; charset=UTF-8
Set-Cookie: WEBBALANCER=balancer.web3; path=/; domain=.dhnet.be lang=fr; expires=Fri, 20-Mar-2020 01:06:52 GMT; path=/ current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be pl=deleted; expires=Sat, 16-Mar-2019 21:06:51 GMT; path=/; httponly current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive

GET
H/1.1 200
OK Cookie set winners Show response
bfscripts.dhnet.be/bet/ Frame A7D2 30 KB
7 KB 94ms
94ms Document
text/html 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: cd79f8d0bd6e2c70936ad85342c771fd06661101c97f1c1f399228e1aa3a67b1

Request headers

Host: bfscripts.dhnet.be
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: sbtssid=mrvl01zchxqnp2ndgp1w1q5h; firstrefer=aHR0cHM6Ly9nYW1pbmcwMDEuc2l0ZS8_; firstrequest=aHR0cDovL2JldGZpcnN0LmRobmV0LmJlLz9pZGFmZmlsaWF0aW9uPTM0MjM2NSZzaXRlaWQ9ZnJzaHBfJmNsaWNrX2lkPTE0MDY0OTc2Mw__; lng=169; cTz=1; bVC=1; first_visit_ssl=first visit to best place to bet; visid_incap_974085=s9FDR5cWQzyKnyOJ+PIjVNeYbl4AAAAAQUIPAAAAAAAzi10Vw+9ybhRzYiRe5qho; incap_ses_450_974085=7ikQC5n/XRhHv6Tygbo+BteYbl4AAAAAjSLGGn4rxYjziz2nrQbtMQ==; dTz=+1; WEBBALANCER=balancer.web3; DHGMS=aqmets5meguq1nruhu41ps9gf3; current_lang=fr; _responsive=_responsive; click_id=140649763; idaffiliation_custom_for_register={"siteid":"frshp_","click_id":"140649763"}; idaffiliation_for_register=342365; userLang=fr; lang=fr; _gcl_au=1.1.439903318.1584306393; _ga=GA1.2.986037015.1584306393; _gid=GA1.2.1859005204.1584306393; _gat_UA-26276393-5=1; _fbp=fb.1.1584306393242.898662433
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5691
Content-Type: text/html; charset=UTF-8
Set-Cookie: WEBBALANCER=balancer.web3; path=/; domain=.dhnet.be lang=fr; expires=Fri, 20-Mar-2020 01:06:52 GMT; path=/ current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be pl=deleted; expires=Sat, 16-Mar-2019 21:06:51 GMT; path=/; httponly current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be current_lang=fr; expires=Mon, 15-Mar-2021 21:06:52 GMT; path=/; domain=.dhnet.be
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive

GET
H/1.1 200
OK custom_inbox_disabled.png
bfscripts.dhnet.be/themes/sbtech/images/ 33 KB
34 KB 29ms
29ms Image
image/png 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfscripts.dhnet.be/themes/sbtech/images/custom_inbox_disabled.png
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 73db5df98be7d86e14f62953e7559d58f794521d17d26ad95cfde7746160d2ac

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 21:06:52 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbecf-8585-59f043bf2b280"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 34181

GET
H2 200 _Incapsula_Resource
betfirst.dhnet.be/ 1 B
35 B 19ms
19ms Image
text/plain 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betfirst.dhnet.be/_Incapsula_Resource?SWKMTFSR=1&e=0.3908880091106135
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK beacon
r.turn.com/r/ 43 B
490 B 83ms
24ms Image
image/gif 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=8Wmqoj3aw6-V6WWUdMqIdZhUKVF9oLX-qjk8Mh5KGHHLUdDCDy504oRqc6VYUMGKHHQfczQjYQtUbirPvpHHpA&cid=&gtmcb=1644402123
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:32 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 roboto-bold.woff2
betfirst.dhnet.be/css/shared/fonts/ 20 KB
20 KB 40ms
40ms Font
application/font-woff2 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://betfirst.dhnet.be/css/shared/fonts/roboto-bold.woff2
Requested by: Host: betfirst.dhnet.be
URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.78 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.78.ip.incapdns.net
Software: /
Resource Hash: ede08566a2961e944dd8d284ceb75dd3055eecd7789e15bea6cc2f5c57cc4751

Request headers

Referer: https://betfirst.dhnet.be/css/app-desktop.css?version=637195220554604148
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:06:32 GMT
last-modified: Mon, 17 Feb 2020 10:07:20 GMT
x-cdn: Incapsula
etag: "637218005"
content-type: application/font-woff2
status: 200
x-iinfo: 4-61389237-61375656 2VNN RT(1584306392880 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=2592001, public
content-length: 20052
expires: Tue, 14 Apr 2020 21:06:33 GMT

GET
H/1.1 200
OK promo_widget Show response
bfscripts.dhnet.be/responsive/ 62 B
1 KB 80ms
80ms Script
text/html 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/responsive/promo_widget?lang=fr&callback=jQuery33105892133655766794_1584306392595&ids=629-630-632&_=1584306392597
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 88344af3f13d370e46f4533bc9b409f4315ac586f96c347365f6e4884381febb

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 78
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
bfscripts.dhnet.be/themes/sbtech/js/jquery/ Frame A7D2 91 KB
92 KB 26ms
25ms Script
text/javascript 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/js/jquery/jquery.min.js
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bc0dd-16dc4-59f043bf2b280"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 93636

GET
H2 404 forms.css
betfirst.dhnet.be/css/ Frame A7D2 0
0 506ms
505ms Stylesheet
text/css 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/css/forms.css

Requested by

Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 404
x-iinfo: 4-61389239-61375661 2NNN RT(1584306392896 0) q(0 0 0 -1) r(5 5) U11
cache-control: private
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK global.css
bfscripts.dhnet.be/themes/sbtech/css/ Frame A7D2 717 B
764 B 25ms
25ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/global.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: ef4b8622fdf773aeda2c64c4c97d7fc69de85694043e88db883f7444a51f14cc

Request headers

Referer: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbdae-2cd-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 378

GET
H/1.1 200
OK fonts.css
bfscripts.dhnet.be/themes/sbtech/css/ Frame A7D2 6 KB
1 KB 26ms
25ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/fonts.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 166cbe4f6d3818ca3a3363019a88273de90c284c4fffd0059713b822e17fad30

Request headers

Referer: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbdac-1636-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 643

GET
H/1.1 200
OK top_winners.css
bfscripts.dhnet.be/themes/sbtech/css/responsive/ Frame A7D2 24 KB
7 KB 27ms
26ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/responsive/top_winners.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: fb9577023b70dbb6dffabe56f99f301316c1ac6aa9ace6cdea353ba8df183739

Request headers

Referer: https://bfscripts.dhnet.be/bet/winners?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbdf3-5e85-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 6351

GET
H/1.1 200
OK jquery.min.js Show response
bfscripts.dhnet.be/themes/sbtech/js/jquery/ Frame 6132 91 KB
92 KB 26ms
25ms Script
text/javascript 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/js/jquery/jquery.min.js
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bc0dd-16dc4-59f043bf2b280"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 93636

GET
H/1.1 200
OK button.css
bfscripts.dhnet.be/themes/sbtech/css/ Frame 6132 8 KB
1 KB 51ms
25ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/button.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: d6d2966beb25e4bf4b8ee26f80a6a8945af2bf3c47d7db61a2b2fb67cafb8a71

Request headers

Referer: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbda9-1ee0-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 946

GET
H/1.1 200
OK global.css
bfscripts.dhnet.be/themes/sbtech/css/ Frame 6132 717 B
764 B 50ms
25ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/global.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: ef4b8622fdf773aeda2c64c4c97d7fc69de85694043e88db883f7444a51f14cc

Request headers

Referer: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbdae-2cd-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 378

GET
H/1.1 200
OK fonts.css
bfscripts.dhnet.be/themes/sbtech/css/ Frame 6132 6 KB
1 KB 50ms
26ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/fonts.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 166cbe4f6d3818ca3a3363019a88273de90c284c4fffd0059713b822e17fad30

Request headers

Referer: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbdac-1636-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 643

GET
H/1.1 200
OK pronofoot.css
bfscripts.dhnet.be/themes/sbtech/css/responsive/ Frame 6132 41 KB
8 KB 83ms
32ms Stylesheet
text/css 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/themes/sbtech/css/responsive/pronofoot.css
Requested by: Host: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: 1ad6a51d2ea1aa9a1ab5c6f85763af0bff8af0495c85e2abcc83a5ad76da177e

Request headers

Referer: https://bfscripts.dhnet.be/PronoFoot/active/mini2?responsive&lang=fr&widget
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 16:16:58 GMT
Server: Apache
ETag: "4bbdf1-a40e-59f043bf2b280"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 7468

GET weeklyWinners
bfscripts.dhnet.be/bet/ Frame A7D2 0
0

GET monthlyWinners
bfscripts.dhnet.be/bet/ Frame A7D2 0
0

GET yearlyWinners
bfscripts.dhnet.be/bet/ Frame A7D2 0
0

GET
H2 200 negotiate Show response
pushserver-uk.sbtech.com/signalr/ 391 B
641 B 75ms
25ms XHR
application/json 35.227.205.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pushserver-uk.sbtech.com/signalr/negotiate?clientProtocol=1.5&connectionData=%5B%7B%22name%22%3A%22communicationhub%22%7D%5D

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.227.205.204 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

204.205.227.35.bc.googleusercontent.com

Software

Microsoft-IIS/8.5 /

Resource Hash

a94ab0410c7c012eba3fbdffbf6d86ac7f2ace02875b6fac2655bc3443ca47f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
access-control-allow-headers: Content-Type,RequestTarget,x-requested-with
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
alt-svc: clear
expires: -1

POST
H2 200 GetCurrentUserTags Show response
betfirst.dhnet.be/pagemethods_ros.aspx/ 114 B
392 B 39ms
39ms XHR
application/json 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/pagemethods_ros.aspx/GetCurrentUserTags

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

547f45cf45aea022c37570945bdeb88849b84e63451b6bb3f0f062d5707064bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: AJAXService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
X-JWToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJtcnZsMDF6Y2h4cW5wMm5kZ3AxdzFxNWgiLCJTaXRlSUQiOiIyOCIsIm5iZiI6MTU4NDMwNjM5MSwiZXhwIjoxNTg0OTExMTkxLCJpYXQiOjE1ODQzMDYzOTF9.HB2y0yezL4QFepN_IX6sjqIYJsEMdfds6bSHsu3y8jo
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 4-61389327-61367437 PNNy RT(1584306393447 0) q(0 0 0 -1) r(0 0) U6
cache-control: private
content-type: application/json; charset=utf-8
x-xss-protection: 1; mode=block
expires: Sun, 15 Mar 2020 20:56:33 GMT

GET
H2

200

activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D34...
6337700.fls.doubleclick.net/ Frame D3AC
Redirect Chain

https://6337700.fls.doubleclick.net/activityi;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D...
https://6337700.fls.doubleclick.net/activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfi...

0
0

37ms
37ms

Document
text/html

216.58.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6337700.fls.doubleclick.net/activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXLHKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6337700.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 15 Mar 2020 21:06:34 GMT
expires: Sun, 15 Mar 2020 21:06:34 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 373
x-xss-protection: 0
set-cookie: IDE=AHWqTUnEAapygoL8PL0DZtYIqmSP8NDABQDdyF9ip811dnbLvx2fWNNDfXvlP5DR; expires=Fri, 09-Apr-2021 21:06:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 15 Mar 2020 21:06:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6337700.fls.doubleclick.net/activityi;dc_pre=CKuu2p6xnegCFWHiuwgdcuUATQ;src=6337700;type=remar0;cat=betfi0;ord=4504402972623;gtm=2wg340;auiddc=439903318.1584306393;~oref=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 15-Mar-2020 21:21:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 47 KB
14 KB 65ms
20ms Script
application/javascript 2.19.46.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXLHKF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.46.25 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-46-25.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: f582a45c7f308bfde68ecca650e417a6b62f6fe2176cb0c5f54f5aed3a26fba1

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
etag: "0d8df59a7ced51:0"
last-modified: Sun, 19 Jan 2020 09:03:44 GMT
server: Microsoft-IIS/8.5
access-control-allow-origin: *
x-powered-by: ARR/2.5, ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=774
accept-ranges: bytes
content-length: 14493

GET
H2 200 universalTag
ssl.connextra.com/ Frame 0417 0
0 88ms
38ms Document
text/html 2.19.37.69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/universalTag?client=NetBet&id=177947&page=sports_be_homepage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXLHKF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.37.69 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-37-69.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: ssl.connextra.com
:scheme: https
:path: /universalTag?client=NetBet&id=177947&page=sports_be_homepage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763

Response headers

status: 200
x-served-by: vlp-cxtadsrv03.connextra.net
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length: 593
expires: Sun, 15 Mar 2020 21:06:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 15 Mar 2020 21:06:34 GMT
set-cookie: CxtId=6181d1a6-c4e1-440a-8b72-f0cc4a503e84; Domain=.connextra.com; Expires=Tue, 15-Mar-2022 21:06:34 GMT; Path=/; Secure; SameSite=None NetBet=P%7Csports_be_homepage%7C1%7C202003152106; Domain=.connextra.com; Expires=Mon, 15-Mar-2021 21:06:34 GMT; Path=/; Secure; HttpOnly; SameSite=None

GET
H2 200 getUserInfo Show response
betfirst.dhnet.be/methods/userinfo.ashx/ 2 B
256 B 39ms
39ms XHR
application/json 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/methods/userinfo.ashx/getUserInfo?

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: AJAXService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
X-JWToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJtcnZsMDF6Y2h4cW5wMm5kZ3AxdzFxNWgiLCJTaXRlSUQiOiIyOCIsIm5iZiI6MTU4NDMwNjM5MSwiZXhwIjoxNTg0OTExMTkxLCJpYXQiOjE1ODQzMDYzOTF9.HB2y0yezL4QFepN_IX6sjqIYJsEMdfds6bSHsu3y8jo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 4-61389328-61379345 PNNy RT(1584306393456 0) q(0 0 0 -1) r(0 0) U2
cache-control: private
content-type: application/json; charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block
expires: Sun, 15 Mar 2020 20:56:33 GMT

GET
H/1.1 200
OK check_session Show response
bfscripts.dhnet.be/auth/ 247 B
2 KB 89ms
89ms Script
application/javascript 212.166.46.200
WIN

General

Check archive.org

Show headers Download Go to

Full URL: https://bfscripts.dhnet.be/auth/check_session?lang=fr&callback=jQuery33105892133655766794_1584306392595&token=da39a3ee5e6b4b0d3255bfef95601890afd80709&_=1584306392598
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.166.46.200 Liège, Belgium, ASN9208 (WIN, BE),
Reverse DNS: 212-166-46-200.win.be
Software: Apache /
Resource Hash: bcb2504ab9c8fcfb375e4d3e2caed4a69ca55a3c274c819d4f09ec905ba905ae

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 201
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 GetTeaserData Show response
betfirst.dhnet.be/pagemethods_ros.aspx/ 5 KB
2 KB 39ms
39ms XHR
application/json 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/pagemethods_ros.aspx/GetTeaserData

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

3cca1d93ab76660b1b16f7c9c53bfff302d4a1da76f8fb631f00ac4b119c75dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: AJAXService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
X-JWToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJtcnZsMDF6Y2h4cW5wMm5kZ3AxdzFxNWgiLCJTaXRlSUQiOiIyOCIsIm5iZiI6MTU4NDMwNjM5MSwiZXhwIjoxNTg0OTExMTkxLCJpYXQiOjE1ODQzMDYzOTF9.HB2y0yezL4QFepN_IX6sjqIYJsEMdfds6bSHsu3y8jo
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 4-61389329-61389330 NNNY CT(0 0 0) RT(1584306393458 0) q(0 0 0 -1) r(0 0) U6
cache-control: private
content-type: application/json; charset=utf-8
x-xss-protection: 1; mode=block
expires: Sun, 15 Mar 2020 20:56:33 GMT

GET
H2 200 getWaitingBetsSP Show response
betfirst.dhnet.be/pagemethods.aspx/ 2 B
264 B 39ms
39ms XHR
application/json 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/pagemethods.aspx/getWaitingBetsSP?

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: AJAXService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
X-JWToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJtcnZsMDF6Y2h4cW5wMm5kZ3AxdzFxNWgiLCJTaXRlSUQiOiIyOCIsIm5iZiI6MTU4NDMwNjM5MSwiZXhwIjoxNTg0OTExMTkxLCJpYXQiOjE1ODQzMDYzOTF9.HB2y0yezL4QFepN_IX6sjqIYJsEMdfds6bSHsu3y8jo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Mar 2020 21:06:33 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 4-61389331-61389332 NNNY CT(0 0 0) RT(1584306393461 0) q(0 0 0 -1) r(0 0) U2
cache-control: private
content-type: application/json; charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block
expires: Sun, 15 Mar 2020 20:56:33 GMT

GET
H2

302

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/4/2284
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

0
-1 B

174ms
132ms

XHR

2.19.46.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.46.25 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-46-25.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
date: Sun, 15 Mar 2020 21:06:34 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Redirect headers

status: 302
date: Sun, 15 Mar 2020 21:06:34 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

GET
H/1.1 200
OK L21rdC85Ny9waWQvNjgwOTUzMTAvdC8w Show response
d.turn.com/r/dft/id/ 14 KB
14 KB 77ms
18ms Script
application/javascript 46.228.164.13
TURN

General

Check archive.org

Show headers Download Go to

Full URL: https://d.turn.com/r/dft/id/L21rdC85Ny9waWQvNjgwOTUzMTAvdC8w
Requested by: Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yH0QaUXz%2FMqKF1wIkyTfeSLxwqLbl0hsvNgkzorNDrkEbcul8I8dLbYgHkzLJ%2BlMVxxRFYcZJJSMBNrr17xDsZ%2BkgezJHFDujkUXn53OTvfvaVXjAp%2FSp0PZUruG31%2FZ3%2FuAAaFF0d8%2BCuuKtEj1cD1O2vfkyT0LtXkB4zN%2FTZiAM8Bw3J%2FopRAYd2lN%2BjmF1GTR3a3nJGa%2FIXI%2BBTRUqQfoiPLOcbxxCCZuYaLm%2FMp%2BxdOFL4ntAX3ozt2g1i5U4IFnUp0e%2FTR4GTWVNO6bmXdzfqArWGymmShR%2FMt3rPwhr5XX50yVeind7%2BT4G%2Bin0ziCGbo5JXVokLZyPgTKv0TCRMQeu1xBqW3SqaHQyI4tD%2B3KgnBRrE4WyB4tEuDSzcvVI7xo8LqN2MLMLIMqmfR7GvmsWTL%2FU38qqEPeX7xFXjuNHhQB9uLIlv7M6s3HU0tdAyIzirm%2BD3OcL%2Fxrz3toxz2KYtRnOIpN1kIesMg%2B6gMWNnN7IlHSrehpRakbPLCHLDTDGcWKAPQbvSldoqKvtPvjNf%2B6NXJ7sIGZQ4QAqwOLV1oUELtfIcWHURHmWu7Ls0oaB9qG6DOhsZihQedOqctGy1p7t9bDHatdtRvaa3u57BmKblsdk1I24EUfGyGCME7q3MnBQtBw8aCrBon7050IIAZ5AW6ZtI%2BzuZqfaNmvaMvUFgDHH%2Fw%2FBgEjCFGU6eTQLB0rWsmeXtlKPfODVs9C3%2FJN4nNEfm7ieDT8sFi%2BtCTAnegsw2jIYynnPUVHwM6eftiBPy8jSt53hWo%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0031eebf81bca5d0f206173aa3245ae414ff5b76b04608771babba53ed920b3f

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: cache
Date: Sun, 15 Mar 2020 21:06:34 GMT
Cache-Control: private, max-age=7200
Server: Apache-Coyote/1.1
Content-Type: application/javascript
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/ 11 B
217 B 20ms
20ms XHR
application/json 2.19.46.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.46.25 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-46-25.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:06:34 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/2.5, ASP.NET
etag: "5a9573a5a578d31:0"
status: 200
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 301 B
1 KB 79ms
20ms Script
text/html 82.199.68.72
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=2284&dispType=js&sync=0&sessionid=4474083003212680933&pageurl=$$https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763$$&activityValues=$$Session%3D8987209201048661944$$&ns=0&rnd=4252679904081278&referrer=$$https://gaming001.site/$$
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.72 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 6e94d6e9129b0f9f9f272a8c0e519fc61dc014abd7a4132e59e7d447ac9674ee

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 21:06:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 239
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 start Show response
pushserver-uk.sbtech.com/signalr/ 25 B
92 B 24ms
24ms XHR
application/json 35.227.205.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pushserver-uk.sbtech.com/signalr/start?transport=webSockets&clientProtocol=1.5&connectionToken=6aCFj5d5y6zApMpyisUzcS6376yyryVEhn17nfBnuJ%2FO891CE6myqlKFHitkWAZT6GO7xye65eRrOciS0x13Nsm8ZEisxwhGHjEzNbpCw2QxXOpjPUDxQ%2ByWSwmtwNRd&connectionData=%5B%7B%22name%22%3A%22communicationhub%22%7D%5D

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.227.205.204 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

204.205.227.35.bc.googleusercontent.com

Software

Microsoft-IIS/8.5 /

Resource Hash

c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Origin: https://betfirst.dhnet.be
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 21:06:33 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
access-control-allow-headers: Content-Type,RequestTarget,x-requested-with
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
alt-svc: clear
expires: -1

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1542674242665587&ev=Microdata&dl=https%3A%2F%2Fbetfirst.dhnet.be%2F%3Fidaffiliation%3D342365%26siteid%3Dfrshp_%26click_id%3D140649763&rl=https%3A%2F%2Fgaming001.site...
https://cx.atdmt.com/?c=17111716902733934351&f=AYx2ZkWPrUDp8VbgR3gc2R2FKh9o2CRNz4cexNlW-AxTg1WE5MnZiU2QRv985knX_uoP-LWrdG5k1lLhZP1ftQsT&id=1542674242665587&l=3&v=0

42 B
433 B

54ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=17111716902733934351&f=AYx2ZkWPrUDp8VbgR3gc2R2FKh9o2CRNz4cexNlW-AxTg1WE5MnZiU2QRv985knX_uoP-LWrdG5k1lLhZP1ftQsT&id=1542674242665587&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 15 Mar 2020 21:06:34 GMT, Sun, 15 Mar 2020 21:06:34 GMT, Sun, 15 Mar 2020 21:06:34 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 15 Mar 2020 21:06:34 GMT, Sun, 15 Mar 2020 21:06:34 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=17111716902733934351&f=AYx2ZkWPrUDp8VbgR3gc2R2FKh9o2CRNz4cexNlW-AxTg1WE5MnZiU2QRv985knX_uoP-LWrdG5k1lLhZP1ftQsT&id=1542674242665587&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 hshandler.ashx Show response
betfirst.dhnet.be/async/ 54 B
458 B 42ms
42ms XHR
text/html 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/async/hshandler.ashx?version=1584306392669

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

f494c3bc5c78c73273df161b3332423e009aba27fe502fa592208f76edd9434f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: XmlService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: *
x-iinfo: 4-61389702-61389332 PNNy RT(1584306396445 0) q(0 0 0 -1) r(0 0) U12
cache-control: private
content-type: text/html; charset=utf-8
access-control-allow-headers: RequestTarget, Content-Type
x-xss-protection: 1; mode=block
access-control-request-headers: RequestTarget, Content-Type

GET
H2 200 achan.ashx Show response
betfirst.dhnet.be/async/ 194 B
352 B 36ms
36ms XHR
text/html 107.154.132.78
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://betfirst.dhnet.be/async/achan.ashx?version=1584306392669

Requested by

Host: cdn.sbtech.com
URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.78 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.78.ip.incapdns.net

Software

Resource Hash

68a0dc12e8dd42e4640c6cfe6c257c2b284b36b53e0efa2144340209c4d41585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

RequestTarget: XmlService
Referer: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 4-61389706-61389332 PNNy RT(1584306396488 0) q(0 0 0 -1) r(1 1) U12
cache-control: private
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/fonts/Roboto-Bold-Latin.woff2

Domain: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/weeklyWinners

Domain: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/monthlyWinners

Domain: bfscripts.dhnet.be
URL: https://bfscripts.dhnet.be/bet/yearlyWinners

Verdicts & Comments Add Verdict or Comment

1370 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dhnet.be/	1970-01-19 10:14:42	Name: _fbp Value: fb.1.1584306393242.898662433
.dhnet.be/	1970-01-19 08:05:06	Name: _gat_UA-26276393-5 Value: 1
.dhnet.be/	1970-01-20 01:36:18	Name: _ga Value: GA1.2.986037015.1584306393
.dhnet.be/	1970-01-19 10:14:42	Name: _gcl_au Value: 1.1.439903318.1584306393
.dhnet.be/	1970-01-19 16:50:42	Name: idaffiliation_for_register Value: 342365
.dhnet.be/	1970-01-19 16:50:42	Name: idaffiliation_custom_for_register Value: {"siteid":"frshp_","click_id":"140649763"}
.dhnet.be/	1970-01-19 16:50:42	Name: current_lang Value: fr
.dhnet.be/	1970-01-19 16:50:42	Name: userLang Value: fr
.dhnet.be/	1969-12-31 23:59:59	Name: incap_ses_450_974085 Value: 7ikQC5n/XRhHv6Tygbo+BteYbl4AAAAAjSLGGn4rxYjziz2nrQbtMQ==
.dhnet.be/	1970-01-19 16:50:42	Name: click_id Value: 140649763
.dhnet.be/	1970-01-19 16:49:51	Name: visid_incap_974085 Value: s9FDR5cWQzyKnyOJ+PIjVNeYbl4AAAAAQUIPAAAAAAAzi10Vw+9ybhRzYiRe5qho
.dhnet.be/	1970-01-19 08:06:32	Name: _gid Value: GA1.2.1859005204.1584306393
.dhnet.be/	1969-12-31 23:59:59	Name: WEBBALANCER Value: balancer.web3
.dhnet.be/	1978-01-11 21:31:40	Name: first_visit_ssl Value: first visit to best place to bet
.dhnet.be/	1970-01-19 12:24:18	Name: cTz Value: 1
.dhnet.be/	1970-01-19 12:24:18	Name: dTz Value: +1
.dhnet.be/	1978-01-11 21:31:40	Name: bVC Value: 1
.dhnet.be/	1969-12-31 23:59:59	Name: DHGMS Value: aqmets5meguq1nruhu41ps9gf3
betfirst.dhnet.be/	1970-01-19 08:05:09	Name: oSt2 Value: 1
.dhnet.be/	1969-12-31 23:59:59	Name: sbtssid Value: mrvl01zchxqnp2ndgp1w1q5h
.dhnet.be/	1978-01-11 21:31:40	Name: lng Value: 169
.dhnet.be/	1970-01-19 08:06:32	Name: _responsive Value: _responsive
.dhnet.be/	1970-01-19 08:09:25	Name: firstrequest Value: aHR0cDovL2JldGZpcnN0LmRobmV0LmJlLz9pZGFmZmlsaWF0aW9uPTM0MjM2NSZzaXRlaWQ9ZnJzaHBfJmNsaWNrX2lkPTE0MDY0OTc2Mw__
.dhnet.be/	1970-01-19 08:09:25	Name: firstrefer Value: aHR0cHM6Ly9nYW1pbmcwMDEuc2l0ZS8_
betfirst.dhnet.be/	1969-12-31 23:59:59	Name: lb_sess Value: 1f6864e06bf33199e8528025f38ee2e7

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763(Line 19) Message: /JSComponents/Mobile/AppExt.js is not registered
console-api	warning	URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763(Line 19) Message: /JSComponents/Pages/SPOpenBets.ext.js is not registered
console-api	warning	URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763(Line 19) Message: /JSComponents/Data/UniSlip/SPMyBetsPurchase.ext.js is not registered
console-api	log	URL: /jscomponents/data/playbyplay/pbp.js(Line 1) Message: Setting velocity
console-api	warning	URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763(Line 19) Message: /JSComponents/Data/UniSlip/Modes/TeaserSPSlipMode.ext.js is not registered
console-api	debug	URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763(Line 683) Message: SyntaxError: Unexpected token d in JSON at position 0
console-api	log	URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471(Line 24) Message: Communicator > State changed: [object Object]
console-api	debug	URL: https://betfirst.dhnet.be/?idaffiliation=342365&siteid=frshp_&click_id=140649763(Line 683) Message: SyntaxError: Unexpected token s in JSON at position 0
console-api	log	URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471(Line 24) Message: Communicator > State changed: [object Object]
console-api	log	URL: https://cdn.sbtech.com/rj/sb-resp-platform/3.0.40/sbRespPlatform-main.js?version=fc8c71041e870471(Line 24) Message: Communicator > onConnected.done() > Introduce message sent to server. pluginNames: ,PushOdds

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6337700.fls.doubleclick.net
appdatum.com
banners.livepartners.com
bat.bing.com
betfirst.dhnet.be
betfirstcasino.be
bfscripts.dhnet.be
bidr.trellian.com
bs.serving-sys.com
cdn.sbtech.com
cdnjs.cloudflare.com
click.affordableshape.com
code.jquery.com
connect.facebook.net
cx.atdmt.com
d.turn.com
gaming001.site
liveads.online
orgmod.org
pushserver-uk.sbtech.com
r.turn.com
sbapi.sbtech.com
secure-ds.serving-sys.com
secure.click2partner.com
secure.clicktrkservices.com
ssl.connextra.com
stats.g.doubleclick.net
tryd.pro
www.betfirst.be
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
yltenim.com
bfscripts.dhnet.be
103.224.182.206
103.224.182.242
107.154.132.78
109.169.22.152
109.169.22.158
116.202.81.140
173.236.118.102
2.19.37.69
2.19.46.25
2001:4de0:ac19::1:b:2b
205.147.93.131
212.166.46.200
216.58.207.38
2606:4700:20::6819:5c6e
2606:4700:3030::681f:49a2
2606:4700:3037::6818:61a7
2606:4700:3037::681c:606
2606:4700::6811:4004
2620:1ec:c11::200
2a00:1450:4001:817::2008
2a00:1450:4001:818::200e
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
3.123.79.50
35.186.198.29
35.190.84.112
35.227.205.204
46.228.164.11
46.228.164.13
54.236.172.182
82.199.68.72
0031eebf81bca5d0f206173aa3245ae414ff5b76b04608771babba53ed920b3f
04f8cff3d15d004111aa40cbe0c5276552324f23e61d2bf0458a468eec740323
071992dc9c67be37657ff11294a6b58557795aa220cf3d62b1d5563805a12e8b
0766f527fcf931c99f93825401ea5d39f6cfe63b56bfd1050f9d1689a8266ab4
0daa2ce37a5db04a94319e654d55ddc2d4224cdc34586ae800173f6b5f2873f1
0ec181be8c799367a4a4d95d7bbc3695a8dbf18b7a1a66f50ef1a3e8c34a8794
10c355c5254ff20be77c012713e4929cd8b36039b2b94da90f6593191038d0ed
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1159d590e82057263848e1f048de86295796a2ba4f689bdce40096df97722a25
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
166cbe4f6d3818ca3a3363019a88273de90c284c4fffd0059713b822e17fad30
1706e244616fe7d32d774dbfb695ee3fd6434a3eca86485a4f95f0a415219a50
177700574c7670de0140b56f43c57f2502d91abe5b8835d1a0cc60f7f87d6751
1ad6a51d2ea1aa9a1ab5c6f85763af0bff8af0495c85e2abcc83a5ad76da177e
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1c00c5f5e1ee4c5edd22a08062d34f7fd246cf1048fa240350a672c77a419799
1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae
225ef46e524fc10f3943da1ccb41fd95da5d633d1a02d1be472fabbdf11e813d
277ab168f5c9d586702ef3afe5280f959c1ec13622ba47ced9b2fcfed327a558
2878e261f4608effb59d39ee9e01dd3ea7c16c7ff60b470ee8032009c8994099
287c18507d2949a73ac69ad08bac34b2d2932e81e8b5f8bdd1fe018ac943caa7
29c6a48ce666976023979ae74e26057b38190c6261ea765caf4eff5e58e7b844
2a7e9db78bbb6e78c47f993655f16a9d346c1a25393e844d216344751f0c8634
2c84c0121437dfc3a1dfddf56d8d555dcd98bcd9adfdf7bcd00515563d765721
340d3264c5c16be25f564bf87d0f55952d3a44c4f00ae0407c860391a617f9d7
39a0fc79a1e22a96800d5b6e251511ed927caea2a1fbdc89155ea6b302933e46
3cca1d93ab76660b1b16f7c9c53bfff302d4a1da76f8fb631f00ac4b119c75dc
3f87295a5df9b3adbd0623870bc4be26ae25bd8cdbfb6497e451a6cb860fe156
4313462fb7fe3fa2758ac01c67fbe9b5cfc5380b1a5c9738f9985731f598d070
467c895ede01c5acb8875d6c91fdc42dde6f71fc1b49e9e05921d27a526721ce
48304c87958de38f555cf47c2da046e69a69b70e72fcd7b11fa03b76a8b19920
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a53f03e48e085a072f9673c4615af492f64208c3aff5412b0375808fdc7f4d4
4adb16edba66488079a49b3e235c64d06468f1e13032db1ce057e498ccc147b1
4b49a7af56086747d034f4991d2b8ebe61c3aec808ad5c8120ea502e3e073f17
4c5250524bd6cb064182c05d9f9a8ba75599e0e90c24ae1d9aae31a69aa68aed
4cb75202d95ece49058a6845accb7e9d718e1d4e469e22c8af0702b489f01b84
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5111f0bb5dc20c0b2e93584e1624cb115441be914e8dbbf48c32ca52aa0287d0
5139e29b0515a758fcaeb922052bfbfb35eff2247183ae9ee4f9d1f503065ede
5368c8daff69b1c77f926b0d2fc569fa4bf13bdd739f61ac12da3baf40866c67
547f45cf45aea022c37570945bdeb88849b84e63451b6bb3f0f062d5707064bf
55bf12aa7be76872b61f602e11a04b67b9796a2e586363a861b6cd85b98cdd75
5788dfd19c14ad0e7ddca4af80325ea0aca3c416fd62b28548631dc107788bda
58c9cb8655aac6c07086077272ad4d7ba0bcc394100830d9c624b095c2ca1979
5a51029da29b6118d8994f200979bdb86e51b4bfce9d8a74868e1dc73efdf477
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5adac2c15ed114270681a45d295cd2aedb5a71fc4ea0e6299ba3b65d28b73fcd
5e52d804dd733ac48a4d0fb4a9258f4e7d319781d0e73ffb5ea36c8e85af6aca
5feaa78d53590713e1e3a9650ce12c53d9760133151cd9279d0aa21a0044dcaf
60dee30fbb522239142324aeb60131e28d3d8e4890cf5eabe7213df0506f98c2
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6388132a57eb359cc6c2fc7f90a007565d468e5041aef89f74bf9e1279b27759
64f34524369807147b5a9d991fac1e49dc756f01480eb80c00944513700952e4
662085a598023c202d1f5ccafac2c51298ce90e7e8b4da716f286981f6fd5d94
68a0dc12e8dd42e4640c6cfe6c257c2b284b36b53e0efa2144340209c4d41585
6d63840a9fdf354d85f10f985058b2f597e9c633e847e1e28ed4f0d93cb38bd8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e314329fb95a1689b99a37bc602ee6a7c32526fd7e547fa677656f052be1ad1
6e94d6e9129b0f9f9f272a8c0e519fc61dc014abd7a4132e59e7d447ac9674ee
720a8e21d0435b9813d13691a057e9cd3a8f63ac41aaa4cbae87633cc9789c85
73db5df98be7d86e14f62953e7559d58f794521d17d26ad95cfde7746160d2ac
7617fd4b5dde813f0f8c41bd32f92723715f8f972aa6f527c1468d1be791e898
79be4ff5a8f90e2ffc282d3b56cb747be83e7b5782183ffb053b52c523c8fcea
7e6bc8ed84fa35062db0da87183f9a5cedf914980b9455c42addb0bb2a0d154b
7e83140119dd17d6286fe522c56bc5c6287089c5c70e14242a7e8583ed3415d7
817f33032e5fc4f327894a999fa91a5279d70de72f35fcea4ca86b2df5796c68
824039f151d4c19664aaa872676e0de0d3b6d52a08badac0d529cba31f0d1752
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
882d1673c8cd3b55c00e9e8affd5070f0f22082a8201226c1b936421b318f01c
88344af3f13d370e46f4533bc9b409f4315ac586f96c347365f6e4884381febb
8c4c3ba3d202fd86bd5042e87a7c9910081e8e5d63dc4a6017004231c49eae51
90c5090b16e98683abf6d01d98068a180fec423ea73a9b42d2b426094ff2ba42
93d4ebb3c3ec8a4ba0a55161735aae205b9d6db1b25168dc6f9e46018b0bc21c
98b806399db5a2a8d101354dec2fea66fa2a097e0eb34c5974f3d9b232536797
992791b22901865ec87ad533fe61a4837631a7ae3842c52e0839a5ad79871ae2
99a57664ff0ad0e1616b02729249a242b27def858140490544e72bb0bc92f128
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
9f2865df28f960748612f744e0bb48c72e3fd8e096e1ff077b6bb36fc3b9cb99
a46c9e251d2d8f5111a3a78917c6cccadb5db6c55f0a565aee6c4df98b8eb74d
a909c350028cabfa6c53ff323acb265dc24a418441a8478f5af1fb2c23105b5c
a94ab0410c7c012eba3fbdffbf6d86ac7f2ace02875b6fac2655bc3443ca47f7
ae002abe48ecb126dc1f2e9982c8e341abcc2e285b5e4a1328c531ffad108a84
b159f58916f7f011a3f90ecff29554424b3d15db94e834efe7974fbb77ee97f8
b4eb90671cc031e53ef398ebdc064553b8439e98ca2c76491594ff551c578464
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b65f8a0060acd82c783c110fa4cf3258aa1e260fc48225ffb812c5dd5bc43c9f
baea1b21da1f628e3efa60f987759c2965056a54666e8420debc37b641da0e4e
bcb2504ab9c8fcfb375e4d3e2caed4a69ca55a3c274c819d4f09ec905ba905ae
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
ca4ea8108c600d392e739f6ea9f6654487a83b720998193b0c1ec132228008d3
cc9a1dc03b815d162607c51e32624b170eedce6f9da4e8fa60e140b2b4346515
cd79f8d0bd6e2c70936ad85342c771fd06661101c97f1c1f399228e1aa3a67b1
ce65bca3cfad0e21bb5300712d2b1ac622bf5cddefaf0b759956e3be8a6aac1a
d11e202a79e345d4d0d06b57e7756aa9f279e35a76a8320d37828631c4c17d55
d33d230489db60bae6b5f44efaec769376ce1bfa837d5e5d67b2deb7b7d183d7
d55a2d4e274c328f9497e16df55d31af98016b927cb0e35b44d0ea2c4889cc54
d6d2966beb25e4bf4b8ee26f80a6a8945af2bf3c47d7db61a2b2fb67cafb8a71
d796a85fd6fa1954d0695faec94661f2376dd3b456a70216d97f4024421666a0
dc34c1c1e77e6deca94cc12af1105198b0aa4b23adcbce64057400bdc1f480d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f7ff7035b830fa1e3c70a50f3e8686e0649b3060cddd86016fab7dbbbae60a
e62f6120bbc90956bbfd0cbb7a97b159e1ec4944781dd67cb4dcc07ebce710c7
ea3e37e8f7032d04ffce84e71e08fcda9ec4869957bd5a652c7fd18be8dec52a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ede08566a2961e944dd8d284ceb75dd3055eecd7789e15bea6cc2f5c57cc4751
ef4b8622fdf773aeda2c64c4c97d7fc69de85694043e88db883f7444a51f14cc
f03c20fd2a6ca60fdd84f4e8d92b66ec556b393b714a190d270a977a17cfeb4a
f10eef05b3d83ccc493fcc09f40a64b792f8297e712033f764c646e25af3cb3a
f36eea80083805bf01806612e02d81153e420a170da59bc587bf0be2d32bf540
f494c3bc5c78c73273df161b3332423e009aba27fe502fa592208f76edd9434f
f582a45c7f308bfde68ecca650e417a6b62f6fe2176cb0c5f54f5aed3a26fba1
f89a502125886d7f76fe243c68cf7d2e4ef996a6e06a9023e82ae174dea77b54
f900ef5844de56dd3c461f4640348e011d4c820e8a8ecb5d8adae18d8f74def6
fb9577023b70dbb6dffabe56f99f301316c1ac6aa9ace6cdea353ba8df183739

betfirst.dhnet.be Open in urlscan Pro 107.154.132.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

94 %HTTPS

39 %IPv6

28 Domains

34 Subdomains

30 IPs

8 Countries

2329 kBTransfer

8279 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

betfirst.dhnet.be Open in urlscan Pro
107.154.132.78 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

94 %
HTTPS

39 %
IPv6

28
Domains

34
Subdomains

30
IPs

8
Countries

2329 kB
Transfer

8279 kB
Size

25
Cookies

145 HTTP transactions
0 data transactions