22bets.co Open in urlscan Pro
178.253.20.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_...
Effective URL:
https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_...
Submission Tags: @phishunt_io
Submission: On July 07 via api (July 7th 2021, 8:32:06 am UTC) from DE

Summary HTTP 223 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 66 IPs in 11 countries across 76 domains to perform 223 HTTP transactions. The main IP is 178.253.20.139, located in Iran, Islamic Republic Of and belongs to SGHL1-AS, NL. The main domain is 22bets.co.
TLS certificate: Issued by R3 on June 29th 2021. Valid for: 3 months.

This is the only time 22bets.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	178.253.20.139 178.253.20.139	202492 (SGHL1-AS) (SGHL1-AS)
60	8.253.204.241 8.253.204.241	3356 (LEVEL3) (LEVEL3)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3 5	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	13.225.87.40 13.225.87.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	213.183.44.56 213.183.44.56	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
5	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	13.224.193.31 13.224.193.31	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.91 13.224.193.91	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1 16	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2 3	18.156.99.44 18.156.99.44	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.197.81.144 18.197.81.144	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
7 7	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 6	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
7 7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	34.253.111.115 34.253.111.115	16509 (AMAZON-02) (AMAZON-02)
2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	54.77.170.127 54.77.170.127	16509 (AMAZON-02) (AMAZON-02)
1	52.218.120.56 52.218.120.56	16509 (AMAZON-02) (AMAZON-02)
1	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
3 4	139.162.159.252 139.162.159.252	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	80.82.217.92 80.82.217.92	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 5	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	99.80.93.68 99.80.93.68	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.113 65.9.66.113	16509 (AMAZON-02) (AMAZON-02)
2 2	174.129.166.189 174.129.166.189	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.212.101.97 52.212.101.97	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.225.117 52.29.225.117	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
3 4	152.228.227.62 152.228.227.62	16276 (OVH) (OVH)
4 4	51.83.111.34 51.83.111.34	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
3 3	13.225.87.11 13.225.87.11	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	18.197.137.147 18.197.137.147	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6810:2b48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	64.210.149.57 64.210.149.57	29789 (REFLECTED) (REFLECTED)
1	148.251.152.17 148.251.152.17	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3 5	18.185.205.93 18.185.205.93	16509 (AMAZON-02) (AMAZON-02)
1	63.35.174.232 63.35.174.232	16509 (AMAZON-02) (AMAZON-02)
2	54.228.128.1 54.228.128.1	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
223	66

17 178.253.20.139 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, NL)

22bets.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 8.253.204.241 (United States)

ASN3356 (LEVEL3, US)

v2l.cdnsfree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.251 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-40.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.183.44.56 (Moscow, Russian Federation)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

cookconfig.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-31.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-91.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.99.44 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-99-44.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.81.144 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-81-144.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.47.23 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.29.176.117 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.243.60.138 (Aalborg, Denmark) 5 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.111.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.170.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.120.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.63 (France)

ASN16276 (OVH, FR)

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.162.159.252 (Frankfurt am Main, Germany) 3 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.92 (Düsseldorf, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.91 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.93.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-93-68.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.113 (United States)

ASN16509 (AMAZON-02, US)

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.166.189 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.101.97 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.225.117 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.110.162 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.228.227.62 (France) 3 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.111.34 (France) 4 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.11 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-11.fra2.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.137.147 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:2b48 (United States)

ASN13335 (CLOUDFLARENET, US)

suphelper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:bac0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.210.149.57 (United States)

ASN29789 (REFLECTED, US)

ctrack.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.152.17 (Germany)

ASN24940 (HETZNER-AS, DE)

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.205.93 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.174.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

echoback.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.128.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

serving.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

api.feedad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	cdnsfree.com v2l.cdnsfree.com	2 MB
22	adform.net 4 redirects a1.adform.net s2.adform.net c1.adform.net dmp.adform.net	40 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
17	22bets.co 22bets.co	540 KB
8	suphelper.com suphelper.com	514 KB
8	doubleclick.net 7 redirects cm.g.doubleclick.net stats.g.doubleclick.net	2 KB
7	googletagmanager.com www.googletagmanager.com	79 KB
7	bidswitch.net 7 redirects x.bidswitch.net	2 KB
7	google.com www.google.com	64 KB
6	sportradar.com tm.ads.sportradar.com tracker.ads.sportradar.com echoback.ads.sportradar.com serving.ads.sportradar.com	71 KB
6	semasio.net 5 redirects uipglob.semasio.net	4 KB
6	googleapis.com fonts.googleapis.com	5 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	sportradarserving.com 3 redirects a.sportradarserving.com eu.sportradarserving.com	5 KB
5	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	rtmark.net my.rtmark.net	4 KB
4	facebook.com www.facebook.com	411 B
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	id5-sync.com 3 redirects id5-sync.com	6 KB
4	adsafety.net 3 redirects cm.adsafety.net	6 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
3	facebook.net connect.facebook.net	173 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	smaato.net 3 redirects s.ad.smaato.net	2 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com	3 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	360yield.com 2 redirects ad.360yield.com ice.360yield.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
2	lijit.com 1 redirects ce.lijit.com	973 B
2	trafficjunky.net ctrack.trafficjunky.net	2 KB
2	realsrv.com main.realsrv.com	836 B
2	exosrv.com main.exosrv.com	834 B
2	exoclick.com main.exoclick.com	838 B
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
2	3lift.com 1 redirects eb2.3lift.com	716 B
2	tapad.com 2 redirects pixel.tapad.com	930 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	580 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	3 KB
2	openx.net 1 redirects eu-u.openx.net	471 B
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	1018 B
2	eyeota.net ps.eyeota.net	688 B
2	everesttech.net 2 redirects rtd-tm.everesttech.net	723 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	adscale.de 2 redirects ih.adscale.de	693 B
2	seadform.net server.seadform.net	687 B
1	feedad.com api.feedad.com	330 B
1	taboola.com sync-t1.taboola.com	257 B
1	google.de www.google.de	522 B
1	tsyndicate.com tsyndicate.com	447 B
1	exdynsrv.com main.exdynsrv.com	419 B
1	contentexchange.me match.contentexchange.me	49 B
1	bnmla.com match.bnmla.com	114 B
1	teads.tv sync.teads.tv	288 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	456 B
1	agkn.com 1 redirects aa.agkn.com	340 B
1	userreport.com pdw-adf.userreport.com	444 B
1	pubmatic.com simage2.pubmatic.com	543 B
1	krxd.net beacon.krxd.net	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv	848 B
1	onaudience.com pixel.onaudience.com	247 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	rlcdn.com idsync.rlcdn.com
1	exelator.com loadm.exelator.com	324 B
1	emxdgt.com e1.emxdgt.com	59 B
1	stickyadstv.com ads.stickyadstv.com	714 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	669 B
1	rubiconproject.com token.rubiconproject.com	662 B
1	yieldlab.net ad.yieldlab.net	522 B
1	cookconfig.net cookconfig.net	2 KB
223	76

	Domain	Requested by
60	v2l.cdnsfree.com	22bets.co v2l.cdnsfree.com
17	22bets.co	22bets.co v2l.cdnsfree.com
12	c1.adform.net	1 redirects a1.adform.net c1.adform.net
12	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	suphelper.com	22bets.co suphelper.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	www.googletagmanager.com	v2l.cdnsfree.com suphelper.com
7	cm.g.doubleclick.net	7 redirects
7	x.bidswitch.net	7 redirects
7	www.google.com	v2l.cdnsfree.com www.gstatic.com 22bets.co
6	uipglob.semasio.net	5 redirects c1.adform.net
6	fonts.googleapis.com	22bets.co
5	mc.yandex.com	2 redirects
5	my.rtmark.net	v2l.cdnsfree.com 22bets.co www.googletagmanager.com
5	a1.adform.net	3 redirects 22bets.co
4	a.sportradarserving.com	3 redirects
4	www.facebook.com
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	cm.adsafety.net	3 redirects c1.adform.net
4	match.adsrvr.org	4 redirects
3	connect.facebook.net	22bets.co connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	s.ad.smaato.net	3 redirects
3	secure.adnxs.com	2 redirects c1.adform.net
3	ups.analytics.yahoo.com	1 redirects c1.adform.net
3	pixel.advertising.com	3 redirects
2	ce.lijit.com	1 redirects
2	serving.ads.sportradar.com
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	ctrack.trafficjunky.net
2	main.realsrv.com
2	main.exosrv.com
2	main.exoclick.com
2	mc.yandex.ru	1 redirects v2l.cdnsfree.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	ib.adnxs.com	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	ps.eyeota.net	c1.adform.net
2	rtd-tm.everesttech.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	server.seadform.net	22bets.co
1	api.feedad.com
1	sync-t1.taboola.com
1	eu.sportradarserving.com
1	echoback.ads.sportradar.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	tsyndicate.com
1	main.exdynsrv.com
1	tm.ads.sportradar.com	22bets.co
1	match.contentexchange.me	c1.adform.net
1	match.bnmla.com	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	global.ib-ibi.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	pixel.onaudience.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	idsync.rlcdn.com	c1.adform.net
1	loadm.exelator.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cookconfig.net	v2l.cdnsfree.com
1	static.hotjar.com	22bets.co
1	s2.adform.net	22bets.co
223	89

This site contains links to these domains. Also see Links.

Domain
policies.google.com
22betpartners.com
news.22bet.com

Subject Issuer	Validity	Valid
*.22bets.co R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.cdnsfree.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-29` - `2022-07-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.cookconfig.net R3	`2021-06-12` - `2021-09-10`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.eyeota.net R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.adsafety.net R3	`2021-04-26` - `2021-07-25`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.id5-sync.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
sync.1dmp.io R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
tracker.ads.sportradar.com R3	`2021-05-13` - `2021-08-11`	3 months	crt.sh
exoclick.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
exosrv.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
realsrv.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
exdynsrv.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.trafficjunky.net DigiCert SHA2 High Assurance Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
tsyndicate.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.ads.sportradar.com Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
*.sportradarserving.com Entrust Certification Authority - L1K	`2020-10-15` - `2021-10-15`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
api.feedad.com GTS CA 1D4	`2021-05-26` - `2021-08-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Frame ID: A92CE1E01979573DA3C8F5CC8D67B3E5
Requests: 152 HTTP requests in this frame

Frame: https://cookconfig.net/user/config/
Frame ID: 72C8F1AB89ED86933DC872827787D504
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: E21BF00E5AAA0F3DA77B22258DF98A56
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8yMmJldHMuY286NDQz&hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=invisible&badge=inline&cb=xiememnxwtmj
Frame ID: 3A07125025FCBB781427669797D9E6F9
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Frame ID: 69DCECE3F9B938B5373F7A13728690BE
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw
Frame ID: 4A06355FA081FF0EAE6AB05C1005079F
Requests: 11 HTTP requests in this frame

Frame: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
Frame ID: 4A4DBFBC0E1BCE2091A42DA4AEBF44D1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

223
Requests

100 %
HTTPS

19 %
IPv6

76
Domains

89
Subdomains

66
IPs

11
Countries

4888 kB
Transfer

12927 kB
Size

21
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Termos de Serviço

Search URL Search Domain Scan URL

URL: http://22betpartners.com/
Title: Programa de Afiliados

Search URL Search Domain Scan URL

URL: https://news.22bet.com/
Title: Notícias 22Bet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 96

https://a1.adform.net/Serving/TrackPoint/?pm=1417487&ADFdivider=%7C&ord=389679157767&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1417487&ADFdivider=%7C&ord=389679157767&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Request Chain 97

https://a1.adform.net/Serving/TrackPoint/?pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Request Chain 110

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4530982277501607477&Expiration=1626856304 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4530982277501607477&Expiration=1626856304

Request Chain 113

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4530982277501607477&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4530982277501607477&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=19cc9b57fdbb495584ef04b27b48e741 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=0b1e829243e678ed6d08f20195fd967e8f9520d980cc85bcbc2fdb7fdfafad3b

Request Chain 114

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4530982277501607477&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=7809814286089887494

Request Chain 115

https://pixel.advertising.com/ups/55944/sync?uid=4530982277501607477&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=4530982277501607477&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4530982277501607477&_origin=1&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4530982277501607477&_origin=1&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6&verify=true

Request Chain 117

https://x.bidswitch.net/sync?dsp_id=70&user_id=4530982277501607477 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4530982277501607477 HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&gdpr=&gdpr_consent=

Request Chain 118

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4530982277501607477&expiration=1626856304 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4530982277501607477&expiration=1626856304&C=1

Request Chain 119

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4530982277501607477&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4530982277501607477&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=fe2060e5-6670-4900-96bc-504a5a9279b8&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=fc9e719b-c396-4c46-83aa-8ea66094ba77 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OEZCMzUxMDMyQzFCMjZEMw&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKqy--8p-lKKAUpbhvR8B98&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1 HTTP 302
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fuipglob.semasio.net%2Ftubemogul%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fuipglob.semasio.net%2Ftubemogul%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&_test=YOVmcQAAKiNEqAAc HTTP 302
https://uipglob.semasio.net/tubemogul/1/info?sType=sync&sExtCookieId=YOVmcQAAKiNEqAAc&sInitiator=internal

Request Chain 123

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4530982277501607477 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=4530982277501607477

Request Chain 125

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4530982277501607477 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4530982277501607477

Request Chain 126

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 128

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4530982277501607477 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202107070826e56cd30298c9bee1f&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=4437cd4fb47e6bc0322b06db99920340&idt_did_status=added&gdpr_consent=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTA3MDcwODI2ZTU2Y2QzMDI5OGM5YmVlMWY HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEG7DCT7KHAk-WL5QqSyrUMQ&google_cver=1 HTTP 302
https://ib.adnxs.com/getuid?https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=$UID&request=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=8057919136617922333&request=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDUzMDk4MjI3NzUwMTYwNzQ3Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDUzMDk4MjI3NzUwMTYwNzQ3Nw&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIy-pXLE3_lcrIVNjvMdoaI&google_cver=1&google_ula=1641347,0

Request Chain 132

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=8057919136617922333&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=4696076438286939563

Request Chain 135

https://a.audrte.com/a?adform_uid=4530982277501607477 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESELfXITtq5mwdFza65BFca0Q&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=6m4aeJYAevzRxGF3wW5jUgN2w&gdpr=0&gdpr_consent=

Request Chain 136

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4530982277501607477&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4530982277501607477&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=85518312080324865790247256430165514348&noredirect=1

Request Chain 137

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4530982277501607477 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165021103840000142013

Request Chain 138

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6982099432829155475

Request Chain 140

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=fe2060e5-6670-4900-96bc-504a5a9279b8

Request Chain 141

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=HDZWiMtl1M12Y95

Request Chain 142

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=fc9e719b-c396-4c46-83aa-8ea66094ba77

Request Chain 144

https://id5-sync.com/s/10/0.gif?puid=4530982277501607477 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=4530982277501607477&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOiCzAd8IriF94krxariPj12WHD2Jk_r8v9aRatg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=53cb9ba7-6bfb-44a2-8d69-406321934bfb&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGoALTnsK3ZEu1Z15HTCHQY&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGoALTnsK3ZEu1Z15HTCHQY&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8057919136617922333&opid=apx&ops=&utidl=tech:goo:CAESEGoALTnsK3ZEu1Z15HTCHQY&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A18795895369&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Request Chain 145

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3429775662 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.Vo9SRBbBy5dQLMbqmiKm.

Request Chain 147

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4530982277501607477 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4530982277501607477&cs=1

Request Chain 148

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4530982277501607477 HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4530982277501607477&cookieCheck=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=c30ba702500220a6dd01&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg HTTP 302
https://s.ad.smaato.net/c/?adExInit=g HTTP 302
https://match.bnmla.com/usersync?sspid=16&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1000265%26dspCookie%3D%5BUUID%5D

Request Chain 149

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=4530982277501607477&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=4530982277501607477&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=cb5679e6-fd9b-464a-944a-3ddf90301e69

Request Chain 151

https://eb2.3lift.com/xuid?mid=7354&xuid=4530982277501607477&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=4530982277501607477&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

Request Chain 201

https://a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP 302
https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP 302
https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dc364a710-cb21-4ff7-9011-683e75c30e40 HTTP 302
https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=c364a710-cb21-4ff7-9011-683e75c30e40

Request Chain 202

https://a.sportradarserving.com/pixel?type=js&aid=1083&id=1463 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1083&id=1463

Request Chain 206

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9327.LIVTy41_0aJyrwRTNJnQAapB1b7VIRhWk64ZGFObB-GP5fOEGj_JsnEGFOOnGIvx.wSxFanSQaDqzAE2lvKfaauXWwLg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9327.MXzUZEXLKxUnY8bvZUpTt7YihDtReA3n1zZaQr5rWEClCHbATYcCEqndc8sZF-P1xzlUUKWme7towxycaLc20A%2C%2C.qNttax96EawJG_4LCjjaFjCLdzg%2C

Request Chain 211

https://x.bidswitch.net/syncd?dsp_id=409&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://eu.sportradarserving.com/bsw_sync?bsw_uid=7583981b-85d3-4792-bcfb-afc9f44e9b60

Request Chain 212

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&cb=8849abe6-0e9d-465a-a1ff-fd786ed1aaf3 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7583981b-85d3-4792-bcfb-afc9f44e9b60

Request Chain 213

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&cb=d2f1346d-0969-44b3-b738-5ea378832847 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=7583981b-85d3-4792-bcfb-afc9f44e9b60 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=7583981b-85d3-4792-bcfb-afc9f44e9b60&dnr=1

Request Chain 214

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&cb=334df887-a4df-4089-afc6-902c76ebc0f9 HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&_origin=1&gdpr=&gdpr_consent=&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6

Request Chain 217

https://mc.yandex.com/watch/49123291?wmode=7&page-url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A1081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1204533036665%3Ahid%3A773949343%3Az%3A120%3Ai%3A202107070103146%3Aet%3A1625646707%3Ac%3A1%3Arn%3A494840920%3Au%3A16256467071029675804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625646702289%3Ads%3A33%2C63%2C345%2C21%2C0%2C0%2C%2C1039%2C36%2C4241%2C4241%2C5%2C1488%3Adsn%3A33%2C63%2C345%2C21%2C%2C0%2C%2C1021%2C36%2C4240%2C4240%2C6%2C1488%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625646707%3At%3ARegisto HTTP 302
https://mc.yandex.com/watch/49123291/1?wmode=7&page-url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A1081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1204533036665%3Ahid%3A773949343%3Az%3A120%3Ai%3A202107070103146%3Aet%3A1625646707%3Ac%3A1%3Arn%3A494840920%3Au%3A16256467071029675804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625646702289%3Ads%3A33%2C63%2C345%2C21%2C0%2C0%2C%2C1039%2C36%2C4241%2C4241%2C5%2C1488%3Adsn%3A33%2C63%2C345%2C21%2C%2C0%2C%2C1021%2C36%2C4240%2C4240%2C6%2C1488%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625646707%3At%3ARegisto

223 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
22bets.co/pt/registration/ 250 KB
68 KB 442ms
346ms Document
text/html 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

6d2b6e0f886bbcf4a521b6948c13ee151a8c72bee1eff0c2829af216bd4bae26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: 22bets.co
:scheme: https
:path: /pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 07 Jul 2021 08:31:42 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
set-cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; path=/; secure; HttpOnly; SameSite=Lax lng=pt; expires=Fri, 06-Aug-2021 08:31:42 GMT; Max-Age=2592000; path=/ flaglng=pt; expires=Fri, 06-Aug-2021 08:31:42 GMT; Max-Age=2592000; path=/ dnb=1; expires=Wed, 07-Jul-2021 09:31:42 GMT; Max-Age=3600; path=/ _glhf=1625664478; expires=Wed, 07-Jul-2021 09:31:42 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Thu, 07-Jul-2022 08:31:42 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; expires=Sun, 05-Sep-2021 08:31:42 GMT; Max-Age=5184000; path=/; HttpOnly postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; expires=Fri, 06-Aug-2021 08:31:42 GMT; Max-Age=2592000; path=/; HttpOnly reflinkid=d_363513m_18281c_PT_Serg_Display; expires=Wed, 07-Jul-2021 09:31:42 GMT; Max-Age=3600; path=/; HttpOnly fast_coupon=true; expires=Wed, 14-Jul-2021 08:31:42 GMT; Max-Age=604800; path=/ v3r=1; expires=Fri, 13-Jan-2073 17:03:24 GMT; Max-Age=1625905902; path=/; HttpOnly; SameSite=lax auid=sv0Ui2DlZm5VrC1XAwMwAg==; expires=Thu, 07-Jul-22 08:31:42 GMT; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent,Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 jquery_pack.js Show response
v2l.cdnsfree.com/default/legacy/min_js/ 592 KB
205 KB 134ms
62ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/default/legacy/min_js/jquery_pack.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e640cefe92535e10ae5ea7740c127fe1a979295cc1bf491346464e8c521eb96

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 08:19:25 GMT
server: nginx
age: 484
etag: W/"5e82fd0d-93e73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 209901
expires: Wed, 07 Jul 2021 08:33:38 GMT

GET
H2 200 main.08bd218835e1d81b4638749f0c1ecb66.css
v2l.cdnsfree.com/styles/css/result/ 187 KB
41 KB 102ms
31ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/result/main.08bd218835e1d81b4638749f0c1ecb66.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 555f693558eb1c86095697706084213da2f4228cc83753b400e5709a836141e8

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 07:10:23 GMT
server: nginx
age: 1041537
etag: W/"60d5815f-2eaeb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 41977
expires: Sun, 25 Jul 2021 07:12:45 GMT

GET
H2 200 keyboard.css
v2l.cdnsfree.com/default/css/ 8 KB
2 KB 102ms
31ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/default/css/keyboard.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 53abc9a28027bf7eec43e8dc89dca43230f31b3cd60ff093c0d099c8c6afec5c

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 08:19:13 GMT
server: nginx
age: 365
etag: W/"5e82fd01-200b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 2066
expires: Wed, 07 Jul 2021 08:35:37 GMT

GET
H2 200 jquery_pack.css
v2l.cdnsfree.com/default/legacy/min_css/ 55 KB
13 KB 102ms
31ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/default/legacy/min_css/jquery_pack.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: bb63ceb127d03ff6ac88ab94ec8b558d1ab999d39175e6ea4cb4aefbf3a9fb3c

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 08:19:25 GMT
server: nginx
age: 472
etag: W/"5e82fd0d-dcba"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 12559
expires: Wed, 07 Jul 2021 08:33:50 GMT

GET
H2 200 new_column_right.css
v2l.cdnsfree.com/default/css/ 11 KB
3 KB 129ms
59ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/default/css/new_column_right.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 052ccfaf4f45317a76dbb04bf754a012fcecd04cb5b5fd5b09e2ba8bd998bce3

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 09:33:55 GMT
server: nginx
age: 87
etag: W/"5fdb2603-2db9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
expires: Wed, 07 Jul 2021 08:40:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
981 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic-ext,latin-ext

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a237131c7c8ed46913462864b014aad98d65d15328d5932a3b498227dd6725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 08:20:56 GMT
server: ESF
date: Wed, 07 Jul 2021 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 08:31:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
995 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,300,300i,700,700i&subset=cyrillic-ext,latin-ext

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 07:38:57 GMT
server: ESF
date: Wed, 07 Jul 2021 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 08:31:42 GMT

GET
H2 200 libs_js.js Show response
22bets.co/getZone/web_nz/scripts/ 580 KB
209 KB 32ms
31ms Script
application/javascript 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/getZone/web_nz/scripts/libs_js.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

3f88071aeca5332509541565427f46a6dc69255d3c21ba5bc27b52664f4574ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /getZone/web_nz/scripts/libs_js.js
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: br
last-modified: Thu, 02 Apr 2020 14:55:44 GMT
server: nginx
etag: W/"5e85fcf0-90e3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Wed, 07 Jul 2021 09:31:42 GMT

GET
H2 200 mainengine.js Show response
22bets.co/getZone/web_nz/engine/ 115 KB
37 KB 50ms
49ms Script
application/javascript 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/getZone/web_nz/engine/mainengine.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

d974bc2255ccdbee659f490617f151033f5474459e1a47d7593a5a794131cf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /getZone/web_nz/engine/mainengine.js
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: br
last-modified: Mon, 11 May 2020 07:32:09 GMT
server: nginx
etag: W/"5eb8ff79-1cd9b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Wed, 07 Jul 2021 09:31:42 GMT

GET
H2 200 dictionary_ed47c6337db63de10a85df479e19467c.js Show response
v2l.cdnsfree.com/genfiles/web-app-v2/dictionary/prod/main/pt/ 55 KB
24 KB 151ms
81ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/genfiles/web-app-v2/dictionary/prod/main/pt/dictionary_ed47c6337db63de10a85df479e19467c.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: f8f67ca4cf83c4fe8cdaa7eb3202e5578b1df1fc72f6fb22dfe00dba35142f47

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 10:54:03 GMT
server: nginx
age: 77828
etag: W/"ed47c6337db63de10a85df479e19467c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 24040
expires: Wed, 07 Jul 2021 10:54:54 GMT

GET
H2 200 main.748127dfe5e8be1aaa1fe3493e3d117d.css
v2l.cdnsfree.com/styles/css/registration/partners/bet22/ 106 KB
18 KB 99ms
41ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/registration/partners/bet22/main.748127dfe5e8be1aaa1fe3493e3d117d.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: b30905adaeb5eab7504f6f6e104e8790b389b4ee22ee3c70dfc50882f8650ffe

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 07:14:22 GMT
server: nginx
age: 1127577
etag: W/"60d430ce-1a64b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17655
expires: Sat, 24 Jul 2021 07:18:45 GMT

GET
H2 200 main.3d1dcd58d9a970c4e1760a1fa08187ee.css
v2l.cdnsfree.com/styles/css/c-bottom-msg/ 2 KB
940 B 105ms
48ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/c-bottom-msg/main.3d1dcd58d9a970c4e1760a1fa08187ee.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: c314484ddc606ad232b879518bdae64b20387c4d21bccf9eec3c2972a0ce6089

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 14:29:14 GMT
server: nginx
age: 1035635
etag: W/"5e68f5ba-713"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 682
expires: Sun, 25 Jul 2021 08:51:07 GMT

GET
H2 200 main.033b40b99dbde9cb28e5e1c76762d5ed.css
v2l.cdnsfree.com/styles/css/arctic-modal/partners/bet22/ 5 KB
2 KB 121ms
64ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/arctic-modal/partners/bet22/main.033b40b99dbde9cb28e5e1c76762d5ed.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: e0774324336828a2ab91eb56234c7a64dd735cb1bbd6fab5dad5f24fefcf9ffd

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 08:49:20 GMT
server: Footprint Distributor V6.1.1162
age: 456409
etag: W/"5fae4890-14d7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1797
expires: Sun, 01 Aug 2021 01:44:53 GMT

GET
H2 200 main.66b5517c90830c4ed5733c06d18b2c89.css
v2l.cdnsfree.com/styles/css/popups/modal-phone/partners/bet22/ 5 KB
2 KB 120ms
63ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/popups/modal-phone/partners/bet22/main.66b5517c90830c4ed5733c06d18b2c89.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ef4de26f7c6fd06f81a88405811a0b895c1654c018bf74c22ebca2acf1ead1f

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Sat, 27 Feb 2021 10:29:53 GMT
server: nginx
age: 856758
etag: W/"603a1f21-1486"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Tue, 27 Jul 2021 10:32:24 GMT

GET
H2 200 main.504a05943567084dd155e4d09f42c8f7.css
v2l.cdnsfree.com/styles/css/information/partners/bet22/ 61 KB
14 KB 118ms
62ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/information/partners/bet22/main.504a05943567084dd155e4d09f42c8f7.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: b1ac5c3f868850121b99a643faaadd7ee9462eada0c92318bec6f890ba8f7ad2

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Wed, 23 Jun 2021 09:35:18 GMT
server: nginx
age: 1205483
etag: W/"60d30056-f5f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13726
expires: Fri, 23 Jul 2021 09:40:19 GMT

GET
H2 200 top-dropdowns-icons_22bet-67dba83df7.min.css
v2l.cdnsfree.com/styles/sprites/css/ 74 KB
7 KB 142ms
86ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/sprites/css/top-dropdowns-icons_22bet-67dba83df7.min.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 25372b8f4f2d23d8bf57e213e3c3570225a4cdcbb2957ba564db99e6d07ac6fe

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 07:42:59 GMT
server: nginx
age: 2623
etag: W/"60e40983-128f2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 6616
expires: Wed, 07 Jul 2021 08:47:59 GMT

GET
H2 200 font-awesome.min.css
v2l.cdnsfree.com/vendor/font-awesome/css/ 30 KB
8 KB 116ms
61ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/vendor/font-awesome/css/font-awesome.min.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2016 15:52:54 GMT
server: nginx
age: 2593
etag: W/"580e2e56-7918"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 7949
expires: Wed, 07 Jul 2021 08:48:29 GMT

GET
H2 200 main.2b6f1d27aa969cba10f382008ee2ff7f.css
v2l.cdnsfree.com/styles/css/coupon-modal-old/partners/bet22/ 12 KB
3 KB 120ms
65ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/coupon-modal-old/partners/bet22/main.2b6f1d27aa969cba10f382008ee2ff7f.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb398436c86ab37cc160393a3b9bfe55101ece554d90ec6cd1011a36a887931

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 08:08:33 GMT
server: nginx
age: 173981
etag: W/"6093a401-2fbd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3147
expires: Wed, 04 Aug 2021 08:12:02 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 8 KB
729 B 29ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 06:34:31 GMT
server: ESF
date: Wed, 07 Jul 2021 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 08:31:42 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 4 KB
630 B 28ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700&subset=cyrillic,cyrillic-ext

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 08:22:13 GMT
server: ESF
date: Wed, 07 Jul 2021 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 08:31:42 GMT

GET
H2 200 main.6901ab40084ca79be4737ffc09afec8e.css
v2l.cdnsfree.com/styles/css/global/ 3 KB
1 KB 116ms
61ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/global/main.6901ab40084ca79be4737ffc09afec8e.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c44875b410b096e617f8ce8ea2e7dafb2e76735a6d4432698014db69b74893b

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 08:37:25 GMT
server: nginx
age: 409936
etag: W/"602cd5c5-be1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1006
expires: Sun, 01 Aug 2021 14:39:26 GMT

GET
H2 200 main.1f5a7c01b1ab1084cf328127e6dd7156.css
v2l.cdnsfree.com/styles/css/header/ 106 KB
22 KB 103ms
49ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/header/main.1f5a7c01b1ab1084cf328127e6dd7156.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 21897509e84bcf3966a038b2f4493cc40dd3cb3d1715c7299029d43e89069062

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 11:11:59 GMT
server: nginx
age: 422193
etag: W/"60def47f-1a9e9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21971
expires: Sun, 01 Aug 2021 11:15:10 GMT

GET
H2 200 coupon.d43db90bc3f9e864b5176194634ee177.css
v2l.cdnsfree.com/styles/css/old_styles/ 71 KB
14 KB 116ms
61ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/old_styles/coupon.d43db90bc3f9e864b5176194634ee177.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 987eefb23922f2ff7ac5da292fd06d6991c769585aa4956b8b5aacb8fd206aa2

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 07:37:27 GMT
server: nginx
age: 1035762
etag: W/"5ec62fb7-11a08"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14490
expires: Sun, 25 Jul 2021 08:49:00 GMT

GET
H2 200 main.e8aa24dc6a3fafac3da04070cdff7937.css
v2l.cdnsfree.com/styles/css/footer/partners/bet22/ 38 KB
9 KB 117ms
62ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/footer/partners/bet22/main.e8aa24dc6a3fafac3da04070cdff7937.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d46a905371c27610c615705cc1f4a4db30bbb08888f8365cdafe4471cde9987c

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 11:47:03 GMT
server: nginx
age: 852084
etag: W/"60b0d837-98b8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8644
expires: Tue, 27 Jul 2021 11:50:18 GMT

GET
H2 200 main.724aceb259b187b02c3a19de015b23b5.css
v2l.cdnsfree.com/styles/css/menu-left/partners/bet22/ 150 KB
24 KB 106ms
52ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/menu-left/partners/bet22/main.724aceb259b187b02c3a19de015b23b5.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fc315d0494ad3037ffe17f2bc99015a2573be285fb06ecb706e9f83660ae1ed

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 07:57:57 GMT
server: nginx
age: 1211282
etag: W/"60ab5c85-2582e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Fri, 23 Jul 2021 08:03:40 GMT

GET
H2 200 main.da18fe7bb23d07b5110effab66204add.css
v2l.cdnsfree.com/styles/css/popup/partners/bet22/ 182 KB
42 KB 117ms
64ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/popup/partners/bet22/main.da18fe7bb23d07b5110effab66204add.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 307eb2664b8ef175765f89c0a604f5fc417405ecfbf404bc2fa082d4856e27f6

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 08:12:17 GMT
server: nginx
age: 1124200
etag: W/"60d43e61-2d9c1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42299
expires: Sat, 24 Jul 2021 08:15:02 GMT

GET
H2 200 scoreboard_game.e2f937de62a30b61d860514cbf727d8a.css
v2l.cdnsfree.com/styles/css/old_styles/ 390 KB
59 KB 114ms
60ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/old_styles/scoreboard_game.e2f937de62a30b61d860514cbf727d8a.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: aa5972d88eaf8605388bb5d30f02a327fbd230aa049c0875204c56e6891e20d4

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 06:59:55 GMT
server: nginx
age: 5355
etag: W/"60e550eb-6190e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 59715
expires: Fri, 06 Aug 2021 07:02:27 GMT

GET
H2 200 filters.5402adb9926ac574bcf2580d15f06150.css
v2l.cdnsfree.com/styles/css/old_styles/ 21 KB
5 KB 115ms
62ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/old_styles/filters.5402adb9926ac574bcf2580d15f06150.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: fed8f50f01de90a208655afae34306f355cd98c8732525c077178d218f78e610

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 12:42:56 GMT
server: nginx
age: 2121617
etag: W/"5e2ae650-549c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4795
expires: Fri, 23 Jul 2021 14:54:25 GMT

GET
H2 200 main.1ce47c24f4dd5a43c10515b26ddd2f9f.css
v2l.cdnsfree.com/styles/css/new1x2/partners/bet22/ 41 KB
9 KB 118ms
65ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/new1x2/partners/bet22/main.1ce47c24f4dd5a43c10515b26ddd2f9f.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 481bc9e285d7cfa1939a869adfe20d4fe54041df23233c00a436431fb633bdee

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 07:49:56 GMT
server: nginx
age: 1903143
etag: W/"60c85ba4-a2e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8440
expires: Thu, 15 Jul 2021 07:52:39 GMT

GET
H2 200 sportstream.fc2475cb0d50d9e06313399c7cf6b786.css
v2l.cdnsfree.com/styles/css/sportstream/ 3 KB
1 KB 113ms
61ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/sportstream/sportstream.fc2475cb0d50d9e06313399c7cf6b786.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 60c443da3dda2eae920b924abc2d0d24b06019831c73501b633ec76d6c92c278

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 12:43:03 GMT
server: nginx
age: 2219437
etag: W/"5e2ae657-b94"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 937
expires: Sun, 11 Jul 2021 16:01:05 GMT

GET
H2 200 main.63a3a324dda66d638795763c6cd169b9.css
v2l.cdnsfree.com/styles/css/bet22/ 577 KB
106 KB 117ms
64ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 585d149b34ad3a6809f7a6e5677a931c7c06fa1f2e537bfb9c5e49c5d42895c6

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 14:03:34 GMT
server: nginx
age: 584414
etag: W/"60dc79b6-90516"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 107989
expires: Fri, 30 Jul 2021 14:11:28 GMT

GET
H2 200 main.331589461886b13071ead87b7bd5463c.css
v2l.cdnsfree.com/styles/css/messages/partners/bet22/ 6 KB
2 KB 116ms
64ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/messages/partners/bet22/main.331589461886b13071ead87b7bd5463c.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: a8e0234216bb09c444ba326f0442b0801711d049451dfc12dae637ea92e4517f

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 13:04:32 GMT
server: nginx
age: 1452305
etag: W/"60097be0-1671"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1749
expires: Tue, 20 Jul 2021 13:06:37 GMT

GET
H2 200 vendor.e56fd011222274497557.js Show response
v2l.cdnsfree.com/bundle/library/ 388 KB
134 KB 114ms
62ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/library/vendor.e56fd011222274497557.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8617f9bca908a62e3d789a1cb8c73a1bc1cb269b255b0d181a86323f97f12dbf

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 09:28:31 GMT
server: nginx
age: 2589882
etag: W/"609a4e3f-611ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Wed, 07 Jul 2021 09:07:00 GMT

GET
H2 200 polyfill.90f8548b03a645f1f624.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 82 KB
32 KB 118ms
66ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/polyfill.90f8548b03a645f1f624.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: cb58c94276a54c26f58fc42cf7630c3f39aa770917c59a1ccc47152a49765a2a

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 11:10:33 GMT
server: nginx
age: 422185
etag: W/"60def429-14749"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32172
expires: Sun, 01 Aug 2021 11:15:17 GMT

GET
H2 200 information.f73d8e9b9a42f5e4870df41b63bfbd4c.js Show response
v2l.cdnsfree.com/default/min_js/information/ 1 KB
844 B 146ms
94ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/default/min_js/information/information.f73d8e9b9a42f5e4870df41b63bfbd4c.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b0b7ff8ca3f671e049cf6847abf67497aef5b5fbf59539b2671e59cba26d490

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 09:38:28 GMT
server: nginx
age: 483
etag: W/"5fdb2714-5bf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 571
expires: Wed, 07 Jul 2021 08:33:39 GMT

GET
H2 200 polyfill.7687c517a241de6e490bd1dc769a038c.js Show response
v2l.cdnsfree.com/default/min_js/ 2 KB
1 KB 113ms
61ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/default/min_js/polyfill.7687c517a241de6e490bd1dc769a038c.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: f94ff3c33c8b835ffb4486901ff1ab168c383e39551449b924abf15a80cc2ec9

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 13:00:34 GMT
server: nginx
age: 283
etag: W/"5e3d5f72-9fd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 1086
expires: Wed, 07 Jul 2021 08:36:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 20 KB
1 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 07:43:53 GMT
server: ESF
date: Wed, 07 Jul 2021 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 08:31:42 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
575 B 33ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300&subset=cyrillic

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dc4c088d91f1dcbde2840ebfd2bb0e34b7f7226bbd96fb15f78d9567c6be4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 08:22:57 GMT
server: ESF
date: Wed, 07 Jul 2021 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jul 2021 08:31:42 GMT

GET
H2 200 69c5fba8763e25104c4b57be540b9ec9.png
22bets.co/genfiles/cms/pg/151/images/ 8 KB
9 KB 56ms
49ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/genfiles/cms/pg/151/images/69c5fba8763e25104c4b57be540b9ec9.png

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

9368bfc36f658e8caa9ce2d56b148853fba086149352acd8c2a927ecc75d0ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /genfiles/cms/pg/151/images/69c5fba8763e25104c4b57be540b9ec9.png
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Sat, 23 Mar 2019 09:06:20 GMT
server: nginx
etag: "1810891e30687e4182f93d7ef490fe1b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8602
expires: Thu, 08 Jul 2021 08:31:43 GMT

GET
H2 200 visa_ic.svg
v2l.cdnsfree.com/default/img/ 3 KB
3 KB 73ms
66ms Image
image/svg+xml 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/visa_ic.svg
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0241d43be9148d42bc34063814cdeabb195fe94caf1ea073ef9b76dc198d357a

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 09:35:27 GMT
server: nginx
age: 2815
etag: W/"5f9000df-c4d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 07 Jul 2021 08:44:48 GMT

GET
H2 200 mastercard_ic.svg
v2l.cdnsfree.com/default/img/ 2 KB
2 KB 73ms
67ms Image
image/svg+xml 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/mastercard_ic.svg
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6004685f933946d3f31607e7320945bbacf7b235cac57b7fa859574d2028a5a1

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 09:35:27 GMT
server: nginx
age: 803
etag: W/"5f9000df-732"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 07 Jul 2021 09:18:20 GMT

GET
H2 200 dci_logo.jpg
v2l.cdnsfree.com/default/img/bet22/ 6 KB
7 KB 74ms
68ms Image
image/jpeg 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/bet22/dci_logo.jpg
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: c69af71b2c3bceacea794eb1df2aee01d862e7242b32b5ce099616f1e34f68ef

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Tue, 31 Mar 2020 08:19:16 GMT
server: nginx
age: 2815
etag: "5e82fd04-1931"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 6449
expires: Wed, 07 Jul 2021 08:44:48 GMT

GET
H2 200 discover_logo.jpg
v2l.cdnsfree.com/default/img/bet22/ 8 KB
9 KB 74ms
69ms Image
image/jpeg 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/bet22/discover_logo.jpg
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 26b2e57089ecb46a460bc14fa6492633cfa353f15753b6fde5f245761431ecc5

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Tue, 31 Mar 2020 08:19:16 GMT
server: nginx
age: 1645
etag: "5e82fd04-21d6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 8662
expires: Wed, 07 Jul 2021 09:04:23 GMT

GET
H2 200 cookie.js Show response
22bets.co/default/js/ 1 KB
842 B 22ms
22ms Script
application/javascript 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/default/js/cookie.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

536ee79f1bc35fbd1bb6ed7377073877c9784dbc010510ea06a9092b8b8be8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/js/cookie.js
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 08:19:23 GMT
server: nginx
etag: W/"5e82fd0b-4c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Wed, 07 Jul 2021 09:31:42 GMT

GET
H2 200 pushfree_integrate.9a1f2b0e6801b7590698.css
22bets.co/bundle/app/Bet22/Desktop/ 10 KB
3 KB 22ms
22ms Stylesheet
text/css 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/bundle/app/Bet22/Desktop/pushfree_integrate.9a1f2b0e6801b7590698.css

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

75c67a8b6dab220d4618cee51d081b00775fac3f2b82d70b355bc84001b4e5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /bundle/app/Bet22/Desktop/pushfree_integrate.9a1f2b0e6801b7590698.css
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
content-encoding: br
last-modified: Tue, 06 Jul 2021 13:28:24 GMT
server: nginx
etag: W/"60e45a78-28b7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Fri, 06 Aug 2021 08:31:42 GMT

GET
H2 200 common_22bet.016d6ebb78efbc160634.css
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 11 KB
3 KB 23ms
22ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/common_22bet.016d6ebb78efbc160634.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3733eb70a24718de0939045943d21080c09e4f63b2adef610092f118da9f4e0e

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 12:29:39 GMT
server: nginx
age: 1798234
etag: W/"60c9eeb3-2ae1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Fri, 16 Jul 2021 13:01:09 GMT

GET
H2 200 registration.0f2bcfd125cb31ff0515.css
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 2 KB
1009 B 27ms
20ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/registration.0f2bcfd125cb31ff0515.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: b9d744d136afbb7ba2ce69b9fc7611a1058f60546719032288c7f4825ec6632a

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Fri, 11 Jun 2021 11:42:40 GMT
server: nginx
age: 2234405
etag: W/"60c34c30-898"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 751
expires: Sun, 11 Jul 2021 11:52:29 GMT

GET
H2 200 sports-icons-d1e7d993fe.min.css
v2l.cdnsfree.com/styles/sprites/css/ 80 KB
5 KB 29ms
21ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/sprites/css/sports-icons-d1e7d993fe.min.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 26f5eccc13869a1f30957b4fec86406681ebec69163990e25140cc89f9d08cbd

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 07:42:58 GMT
server: nginx
age: 2736
etag: W/"60e40982-14092"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5031
expires: Wed, 07 Jul 2021 08:46:07 GMT

GET
H2 200 auth.320de3111bcb44a0fbaf.css
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 5 KB
1 KB 30ms
22ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.320de3111bcb44a0fbaf.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 037e1517f14dd250f4de722a521d8456617b9509208a4d9a95e9d2a8ac7eb41d

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 14:54:53 GMT
server: nginx
age: 1702709
etag: W/"60cb623d-1241"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Sat, 17 Jul 2021 15:33:14 GMT

GET
H2 200 main.6a7e667d1604a162325c39636c3e36bd.css
v2l.cdnsfree.com/styles/css/auth/ 43 KB
7 KB 31ms
23ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/auth/main.6a7e667d1604a162325c39636c3e36bd.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 884eb2c13b6c7f7fa92421df412b8ce347f0f807975f2685c1eb900714ba62f1

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 12:22:20 GMT
server: nginx
age: 1886766
etag: W/"6079817c-ad35"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7309
expires: Thu, 15 Jul 2021 12:25:37 GMT

GET
H2 200 main.11af3ba23226e6aa8de6f6e6aba8c235.css
v2l.cdnsfree.com/styles/css/popup-doublewin/ 10 KB
2 KB 28ms
20ms Stylesheet
text/css 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/styles/css/popup-doublewin/main.11af3ba23226e6aa8de6f6e6aba8c235.css
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: a4c22c574158361f24c7d7f07a2cda48f713f9a286f2026217c7878022365208

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 12:42:58 GMT
server: nginx
age: 1298055
etag: W/"5e2ae652-27c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2144
expires: Thu, 22 Jul 2021 07:57:28 GMT

GET
H2 200 pushfree_integrate.e1aa1402d098962db45a.bundle.js Show response
22bets.co/bundle/app/Bet22/Desktop/ 17 KB
5 KB 37ms
32ms Script
application/javascript 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/bundle/app/Bet22/Desktop/pushfree_integrate.e1aa1402d098962db45a.bundle.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

470de43456706d22d6fecdf9d4418dd2b6c159fabd4b951250b00a7ede028fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /bundle/app/Bet22/Desktop/pushfree_integrate.e1aa1402d098962db45a.bundle.js
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: br
last-modified: Tue, 06 Jul 2021 13:28:24 GMT
server: nginx
etag: W/"60e45a78-4241"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Fri, 06 Aug 2021 08:31:43 GMT

GET
H2 200 cdnChecker.8db157acad817c72bae5.bundle.js Show response
22bets.co/bundle/app/Bet22/Desktop/ 3 KB
2 KB 31ms
23ms Script
application/javascript 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/bundle/app/Bet22/Desktop/cdnChecker.8db157acad817c72bae5.bundle.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

9e03c79dc634291555012dbfa6be9c2c2407cfaf1ea79d19923469e73ed11f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /bundle/app/Bet22/Desktop/cdnChecker.8db157acad817c72bae5.bundle.js
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: br
last-modified: Tue, 06 Jul 2021 13:28:24 GMT
server: nginx
etag: W/"60e45a78-c69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Fri, 06 Aug 2021 08:31:43 GMT

GET
H2 200 conversion.js Show response
v2l.cdnsfree.com/public/1xbower/dist/ 179 KB
66 KB 27ms
19ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/public/1xbower/dist/conversion.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: eaffc2f0175c9cd8206760c4e366e038b445340dac2f25af8222e6a14b7d227e

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 08:07:10 GMT
server: nginx
age: 292
etag: W/"60d43d2e-2ca16"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 67423
expires: Wed, 07 Jul 2021 08:36:51 GMT

GET
H2 200 registration_common.003d77f04e77b783f783.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 206 KB
72 KB 28ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/registration_common.003d77f04e77b783f783.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 864ad9c9608bffa138035a20393a60bf14d4de0262b959ad7c3616233149d242

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75455
etag: W/"60e43e83-33886"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 73736
expires: Thu, 05 Aug 2021 11:34:24 GMT

GET
H2 200 common_22bet.8ed64ec1071de30cea17.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 769 KB
230 KB 29ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/common_22bet.8ed64ec1071de30cea17.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a835aca524d2e083af7edea9ad3ecc28877a64b5f0efa2696fa850346e1cb3e

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75429
etag: W/"60e43e83-c0548"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 234715
expires: Thu, 05 Aug 2021 11:34:34 GMT

GET
H2 200 bonus_registration_page.3f1b9f87c916bd94a495.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 206 KB
72 KB 28ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/bonus_registration_page.3f1b9f87c916bd94a495.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a400a24f44e9edd687ddec9ea72bc60c48ea65087df56b4a93532b5327bb6d5

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75395
etag: W/"60e43e83-33603"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 73198
expires: Thu, 05 Aug 2021 11:35:08 GMT

GET
H2 200 registration.78a2cf924b044e9b3b83.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 602 KB
194 KB 61ms
54ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/registration.78a2cf924b044e9b3b83.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da04550454d98bc9f8ad340e18568340a835b878a444be6a67b1e75d80af566

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75395
etag: W/"60e43e83-9669b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 197731
expires: Thu, 05 Aug 2021 11:38:50 GMT

GET
H2 200 menu22.ee35660254597ba2b12a.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 227 KB
80 KB 28ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/menu22.ee35660254597ba2b12a.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: e7955457f97ec7103af3d6d83ef277c4fd85e9c9fd6c70a76bc1ed094c0451f4

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75463
etag: W/"60e43e83-38ab2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 81338
expires: Thu, 05 Aug 2021 11:34:24 GMT

GET
H2 200 auth.5f697fa3b38f432d9472.bundle.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 455 KB
154 KB 71ms
64ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4eb1645658bc6f8a8bc45a522125c2a222d0da11c197485a09e3306097f9c94f

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75463
etag: W/"60e43e83-71c7c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 157143
expires: Thu, 05 Aug 2021 11:34:03 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a1.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

112ms
36ms

Script
application/x-javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:34:29 GMT
server: nginx
etag: W/"60a21c85-13e2b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 07 Jul 2021 08:31:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 hotjar-1152929.js Show response
static.hotjar.com/c/ 4 KB
2 KB 80ms
25ms Script
application/javascript 13.225.87.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1152929.js?sv=6

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-40.fra2.r.cloudfront.net

Software

Resource Hash

f22fffb87283ca01e5b684cbc67e1c4c1efca999497a651656535bfac72cbefc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/de864f01c78ed859038065a153f8b830
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1955
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-id: 0HRbrvL91SN8vJ9kRtqEinKq8fAy_YQGnsPNgKmhNaJAu0bM2e4hyg==

GET
BLOB 200
OK 26cd7b48-a3d4-4d56-807e-0a164b0ee3b8
https://22bets.co/ 3 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://22bets.co/26cd7b48-a3d4-4d56-807e-0a164b0ee3b8
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03214c49262a897ec00a96e9602a1e8ed694c2bfc263b98595e0edb4aa00b631

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 2868
Content-Type: text/plain

GET
H2 200 icons.svg
22bets.co/default/img/registration/ 75 KB
28 KB 36ms
32ms Other
image/svg+xml 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/default/img/registration/icons.svg

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

32bb046bdb291504f892d1c407c879dbd3b8a7eb8aa82a4a6d07fcd64eb5125e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/registration/icons.svg
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 07:58:55 GMT
server: nginx
etag: W/"605c42bf-12b1d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Thu, 08 Jul 2021 08:31:43 GMT

GET
H2 200 clock.png
v2l.cdnsfree.com/default/img/bet22/ 408 B
626 B 65ms
64ms Image
image/png 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/bet22/clock.png
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: cbc2e46f0c94ae655bddd5449083c0d84d90751ddddc659401024b96d9d022fd

Request headers

Referer: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Tue, 31 Mar 2020 08:19:16 GMT
server: nginx
age: 1482
etag: "5e82fd04-198"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 408
expires: Wed, 07 Jul 2021 09:07:01 GMT

GET
H2 200 flags-sprite.png
v2l.cdnsfree.com/default/img/ 56 KB
57 KB 65ms
65ms Image
image/png 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/flags-sprite.png
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/styles/css/result/main.08bd218835e1d81b4638749f0c1ecb66.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 251c52ad01652092f82a441d3c8476d7aff512012d086464d9bf1e537d18b75f

Request headers

Referer: https://v2l.cdnsfree.com/styles/css/result/main.08bd218835e1d81b4638749f0c1ecb66.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Wed, 12 May 2021 09:39:13 GMT
server: nginx
age: 486
etag: "609ba241-e107"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 57607
expires: Wed, 07 Jul 2021 09:23:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:06:01 GMT
x-content-type-options: nosniff
age: 120342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 23:06:01 GMT

GET
H2 200 info.png
v2l.cdnsfree.com/default/img/bet22/ 238 B
456 B 55ms
54ms Image
image/png 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/bet22/info.png
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/styles/css/footer/partners/bet22/main.e8aa24dc6a3fafac3da04070cdff7937.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 34b31d1c2c76385d20330efd1266a8165ca899db098e4e9f558a0a302134e60c

Request headers

Referer: https://v2l.cdnsfree.com/styles/css/footer/partners/bet22/main.e8aa24dc6a3fafac3da04070cdff7937.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Tue, 31 Mar 2020 08:19:16 GMT
server: nginx
age: 2370
etag: "5e82fd04-ee"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 238
expires: Wed, 07 Jul 2021 08:52:14 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 20ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 11:17:37 GMT
x-content-type-options: nosniff
age: 76446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:17:37 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:09:28 GMT
x-content-type-options: nosniff
age: 94935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:09:28 GMT

GET
H2 200 fontawesome-webfont.woff2
v2l.cdnsfree.com/vendor/font-awesome/fonts/ 75 KB
76 KB 94ms
35ms Font
font/woff2 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/vendor/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://22bets.co
Referer: https://v2l.cdnsfree.com/vendor/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Mon, 24 Oct 2016 15:52:54 GMT
server: nginx
age: 3062
etag: "580e2e56-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 77160
expires: Wed, 07 Jul 2021 08:40:42 GMT

GET
H3-29 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 27ms
24ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,300,300i,700,700i&subset=cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:30:05 GMT
x-content-type-options: nosniff
age: 111698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:30:05 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:01:52 GMT
x-content-type-options: nosniff
age: 113391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:01:52 GMT

GET
H3-29 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 15 KB
15 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700&subset=cyrillic,cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 05:59:00 GMT
x-content-type-options: nosniff
age: 95563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14872
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:59:00 GMT

GET
H2 200 cdn_checker.png
v2l.cdnsfree.com/default/img/ 95 B
312 B 20ms
19ms Image
image/png 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/cdn_checker.png
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Thu, 16 Jul 2020 14:39:09 GMT
server: nginx
age: 3451
etag: "5f10668d-5f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 95
expires: Wed, 07 Jul 2021 08:34:12 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 92365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic,cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:11:55 GMT
x-content-type-options: nosniff
age: 112788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9588
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:11:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
650 B 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&hl=pt

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/registration.78a2cf924b044e9b3b83.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9506624713d6d5174d572c7da22b165e0577b69ab04caff92868133b8aba5192

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 08:31:43 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 106269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 03:00:34 GMT

GET
H2 200 pixels2.svg
22bets.co/default/img/icons/ 90 B
636 B 156ms
156ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/default/img/icons/pixels2.svg?v=1625646703

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/icons/pixels2.svg?v=1625646703
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:43 GMT
vary: User-Agent
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
set-cookie: lng=pt; expires=Fri, 06-Aug-2021 08:31:43 GMT; Max-Age=2592000; path=/ flaglng=pt; expires=Fri, 06-Aug-2021 08:31:43 GMT; Max-Age=2592000; path=/ is_rtl=1; expires=Thu, 07-Jul-2022 08:31:43 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
content-length: 90
expires: Thu, 08 Jul 2021 08:31:43 GMT

GET
H2 200 13.fdf744afc55ef856a05d.chunk.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 16 KB
3 KB 20ms
20ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/13.fdf744afc55ef856a05d.chunk.js
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 02e0d383c4f94a2dc1f0ed3b4c178aeaee8c38def1ad1b4e4fcbb0a1eaa877ac

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Wed, 23 Jun 2021 07:43:10 GMT
server: nginx
age: 1212276
etag: W/"60d2e60e-3f6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3063
expires: Fri, 23 Jul 2021 07:47:25 GMT

GET
H2 200 635.c06ea4191e5d5851cf79.chunk.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 16 KB
6 KB 21ms
20ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/635.c06ea4191e5d5851cf79.chunk.js
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: f46d0c5e298b4c56b6eaeee959152285fa046dbb3adac56f0aa51984bfe76acb

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 11:10:33 GMT
server: nginx
age: 422175
etag: W/"60def429-41f1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5744
expires: Sun, 01 Aug 2021 11:15:33 GMT

GET
H2 200 26.882c9f2019432e0079b7.chunk.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 21 KB
7 KB 21ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/26.882c9f2019432e0079b7.chunk.js
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 9269ad3aa0c27da503290abb9ea5c192d8d49af0afa33fe75827485c672a2cff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 08:42:52 GMT
server: nginx
age: 517377
etag: W/"60dd800c-536e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6533
expires: Sat, 31 Jul 2021 08:48:46 GMT

GET
H2 200 58.4319340b2cd584598ad9.chunk.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 29 KB
9 KB 22ms
22ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/58.4319340b2cd584598ad9.chunk.js
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: f399de4feb9c9439a01c6ea7b9f44e4e4cca8024f445fdf38a5a10fccb2770e2

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 11:10:33 GMT
server: nginx
age: 422175
etag: W/"60def429-7288"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9117
expires: Sun, 01 Aug 2021 11:15:33 GMT

GET
H2 200 639.ed770de23b6b76dfcc84.chunk.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 278 KB
69 KB 21ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/639.ed770de23b6b76dfcc84.chunk.js
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 29e0ef13b5fe25b755f6c9575d9269cbe3df01454d658b16399965b2f1db5b38

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75459
etag: W/"60e43e83-45602"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 70724
expires: Thu, 05 Aug 2021 11:34:04 GMT

GET
H2 200 / Show response
cookconfig.net/user/config/ Frame 72C8 3 KB
2 KB 207ms
147ms Document
text/html 213.183.44.56
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://cookconfig.net/user/config/

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/default/legacy/min_js/jquery_pack.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.183.44.56 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

b7ddd5375b7d1ce924afdbf86349699aedb0de12b3fd2ff7b3d6703107b6515a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: cookconfig.net
:scheme: https
:path: /user/config/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://22bets.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://22bets.co/

Response headers

server: nginx
date: Wed, 07 Jul 2021 08:31:43 GMT
content-type: text/html; charset=utf-8
content-length: 915
x-frame-options: ALLOWALL
set-cookie: SESSION=232ffc0caa37d712f2f5ec081d4812a8; path=/; secure; HttpOnly; SameSite=Lax lng=en; expires=Fri, 06-Aug-2021 08:31:43 GMT; Max-Age=2592000; path=/ flaglng=en; expires=Fri, 06-Aug-2021 08:31:43 GMT; Max-Age=2592000; path=/ dnb=1; expires=Wed, 07-Jul-2021 09:31:43 GMT; Max-Age=3600; path=/ is_rtl=1; expires=Thu, 07-Jul-2022 08:31:43 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly visit=1-d2eb1a08403e7ce27309c72b2f580f3b; path=/; HttpOnly fast_coupon=true; expires=Wed, 14-Jul-2021 08:31:43 GMT; Max-Age=604800; path=/ v3r=1; expires=Fri, 13-Jan-2073 17:03:26 GMT; Max-Age=1625905903; path=/; HttpOnly; SameSite=lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 98ms
30ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=b76bb061ad9d75a8c582821d22792f92fde554995393d04b4620edf838b2a0f2

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/common_22bet.8ed64ec1071de30cea17.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f163f0772bb58d923f0cb54a475889a2aed77812b15ebe1b4ba45b1035a83c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 98ms
32ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=b76bb061ad9d75a8c582821d22792f92fde554995393d04b4620edf838b2a0f2

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 1st_sport_image.png
22bets.co/default/img/bet22/bonuses/new/ 36 KB
36 KB 22ms
22ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/default/img/bet22/bonuses/new/1st_sport_image.png

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

00faca978fede1f8e94fb6b132d406bf1243c820fa66e0d2befcfa529c4b972a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/bet22/bonuses/new/1st_sport_image.png
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Thu, 06 May 2021 08:03:54 GMT
server: nginx
etag: "6093a2ea-8f33"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 36659
expires: Thu, 08 Jul 2021 08:31:43 GMT

GET
H2 200 1st_casino_image.png
22bets.co/default/img/bet22/bonuses/new/ 47 KB
47 KB 23ms
23ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/default/img/bet22/bonuses/new/1st_casino_image.png

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

db999f63b63458bc9df04a25859bbfbb5c00ff6578e3ac8dbe436d548186890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/bet22/bonuses/new/1st_casino_image.png
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Thu, 06 May 2021 08:03:54 GMT
server: nginx
etag: "6093a2ea-bb57"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 47959
expires: Thu, 08 Jul 2021 08:31:43 GMT

GET
H2 200 1st_sport_bg.png
22bets.co/default/img/bet22/bonuses/new/ 58 KB
59 KB 23ms
23ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/default/img/bet22/bonuses/new/1st_sport_bg.png

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ae0e13652803bf2c6fd7d44840cd24601855eb033a57e81a1591262ae947872c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/bet22/bonuses/new/1st_sport_bg.png
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Thu, 06 May 2021 08:03:54 GMT
server: nginx
etag: "6093a2ea-e983"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 59779
expires: Thu, 08 Jul 2021 08:31:43 GMT

GET
H2 200 sport_icon.png
v2l.cdnsfree.com/default/img/bet22/bonuses/ 2 KB
2 KB 23ms
22ms Image
image/png 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/bet22/bonuses/sport_icon.png
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 895466862776d2f9fe9c259a65e32138cc9d029361c0217089e9f5e42b77915d

Request headers

Referer: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
last-modified: Tue, 31 Mar 2020 08:19:16 GMT
server: nginx
age: 3288
etag: "5e82fd04-753"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1875
expires: Wed, 07 Jul 2021 08:36:55 GMT

POST
H2 200 getRightMenu Show response
22bets.co/ 1021 B
1 KB 128ms
128ms XHR
application/json 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/getRightMenu

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/library/vendor.e56fd011222274497557.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

beb8cfa6b40b30dd2058e849f2f151ced4f8076220fa11e2017de97d7ed2a336

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://22bets.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2
content-length: 0
:path: /getRightMenu
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:43 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
set-cookie: lng=pt; expires=Fri, 06-Aug-2021 08:31:43 GMT; Max-Age=2592000; path=/ flaglng=pt; expires=Fri, 06-Aug-2021 08:31:43 GMT; Max-Age=2592000; path=/ is_rtl=1; expires=Thu, 07-Jul-2022 08:31:43 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 modules.c057a0a680ba2bae7796.js Show response
script.hotjar.com/ 219 KB
58 KB 79ms
27ms Script
application/javascript 13.224.193.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c057a0a680ba2bae7796.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1152929.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-31.fra2.r.cloudfront.net

Software

Resource Hash

cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 07:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4418
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59054
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 07:17:15 GMT
etag: "c4474e0a67f74d83e41d7cfcecc9929f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gG4W5nuAbY92CmlmvPsf2qKdkw26pksJnTTp-RohJlJR-11-j-bJ4g==

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame E21B 2 KB
1 KB 72ms
22ms Document
text/html 13.224.193.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1152929.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-91.fra2.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://22bets.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://22bets.co/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: A6H3H-X4Tm2_MqvxT2ySA1erFk6Is2pR0uEBmbmn5pcPpzOaQzS7ig==
age: 217681

GET
H2 200 recaptcha__pt.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 343 KB
343 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__pt.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&hl=pt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be926bc930e44b898124c45f6a2574db3e93478386ecd99548843223794a3da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://22bets.co
Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 04:03:21 GMT
x-content-type-options: nosniff
age: 102503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351066
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 04:03:21 GMT

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=1417487&ADFdivider=%7C&ord=389679157767&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1417487&ADFdivider=%7C&ord=389679157767&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3D...

810 B
1 KB

39ms
38ms

Script
text/javascript

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1417487&ADFdivider=%7C&ord=389679157767&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

411d024d80796b615829ac227b4e7014c55720b97c47181394465674e719b853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 684
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1417487&ADFdivider=%7C&ord=389679157767&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3D...

852 B
1 KB

41ms
41ms

Script
text/javascript

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

f3da90ea214977d6f31707a840050f1202311b8bb7cf641d7801df38b66a6521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 691
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 Auth.1.9ebf7d4c0caf5dd57eab.chunk.js Show response
v2l.cdnsfree.com/bundle/app/Bet22/Desktop/ 7 KB
2 KB 22ms
21ms Script
application/javascript 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/Auth.1.9ebf7d4c0caf5dd57eab.chunk.js
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/auth.5f697fa3b38f432d9472.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: f5927979f68f2197212e23c9eb1c8016172e99dbfb1e6f3398c9f0653d909256

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:29:07 GMT
server: nginx
age: 75458
etag: W/"60e43e83-1bea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2162
expires: Thu, 05 Aug 2021 11:34:06 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3A07 39 KB
20 KB 32ms
29ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8yMmJldHMuY286NDQz&hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=invisible&badge=inline&cb=xiememnxwtmj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__pt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

895effa868e9c2a3191cc2cd4732f10467936ab72c35193c6f518c7992422d47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CFw+rcROjMhzD2kohAh+Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8yMmJldHMuY286NDQz&hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=invisible&badge=inline&cb=xiememnxwtmj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://22bets.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://22bets.co/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jul 2021 08:31:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-CFw+rcROjMhzD2kohAh+Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20375
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixels2.svg
22bets.co/default/img/icons/ 90 B
636 B 160ms
160ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/default/img/icons/pixels2.svg?v=1625646704

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/icons/pixels2.svg?v=1625646704
pragma: no-cache
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2; _hjid=6045bde8-88be-4702-8a68-69467686b9c3; _hjFirstSeen=1; ggru=216
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
vary: User-Agent
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
set-cookie: lng=pt; expires=Fri, 06-Aug-2021 08:31:44 GMT; Max-Age=2592000; path=/ flaglng=pt; expires=Fri, 06-Aug-2021 08:31:44 GMT; Max-Age=2592000; path=/ is_rtl=1; expires=Thu, 07-Jul-2022 08:31:44 GMT; Max-Age=31536000; path=/; HttpOnly disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly user_id_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
content-length: 90
expires: Thu, 08 Jul 2021 08:31:44 GMT

POST
H2 200 save
22bets.co/api/conversion/ 2 B
0 66ms
66ms Fetch
application/json 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://22bets.co/api/conversion/save

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/public/1xbower/dist/conversion.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
origin: https://22bets.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: SESSION=5f8d752139ba75c93b0e3f96884cabc1; lng=pt; flaglng=pt; dnb=1; _glhf=1625664478; is_rtl=1; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D; postback_watcher=%7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D; reflinkid=d_363513m_18281c_PT_Serg_Display; fast_coupon=true; v3r=1; auid=sv0Ui2DlZm5VrC1XAwMwAg==; tzo=2; _hjid=6045bde8-88be-4702-8a68-69467686b9c3; _hjFirstSeen=1; ggru=216
content-length: 144
:path: /api/conversion/save
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json
cache-control: no-store, no-cache, must-revalidate no-cache, private
set-cookie: lng=pt; expires=Fri, 06-Aug-2021 08:31:44 GMT; Max-Age=2592000; path=/ flaglng=pt; expires=Fri, 06-Aug-2021 08:31:44 GMT; Max-Age=2592000; path=/
content-length: 2
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 69DC 5 KB
2 KB 107ms
35ms Document
text/html 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=1559038&ADFdivider=%7C&ord=194197168840&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e8539f7860cb4b63d94a9c0ee4caff9646a23256282abefaf4e8e3091da18943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://22bets.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; CM=1|1; uid=4696076438286939563
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://22bets.co/

Response headers

server: nginx
date: Wed, 07 Jul 2021 08:31:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1625733104_1625646704_1_Hu7u4e4e4e7u7u4REREeERERERHhEA; expires=Wed, 21 Jul 2021 08:31:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
344 B 131ms
41ms Image
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=4530982277501607477&stamp=SU9G4YicpJoDvP-67D9Y4w2

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Jul 2021 08:31:44 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
343 B 131ms
42ms Image
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=4696076438286939563&stamp=TZX6-Xq71xQDvP-67D9Y4w2

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Jul 2021 08:31:44 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 3A07 52 KB
25 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8yMmJldHMuY286NDQz&hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=invisible&badge=inline&cb=xiememnxwtmj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 07:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:40:49 GMT

GET
H3-29 200 recaptcha__pt.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 3A07 343 KB
343 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__pt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be926bc930e44b898124c45f6a2574db3e93478386ecd99548843223794a3da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 04:03:21 GMT
x-content-type-options: nosniff
age: 102503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351066
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 04:03:21 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3A07 102 B
132 B 15ms
14ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0396a27ec9fe6c57c0d753a046d76a63ea482fbdc69b528de1ccd2d658c38091

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8yMmJldHMuY286NDQz&hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=invisible&badge=inline&cb=xiememnxwtmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 08:31:44 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 4A06 7 KB
1 KB 17ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__pt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e23cc1a43dd8dc60b38a08b60155c51fb0488310fed020ccc34620d9411e9b33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p7q1ndpntjKJPedUM/sF3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://22bets.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://22bets.co/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Jul 2021 08:31:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-p7q1ndpntjKJPedUM/sF3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 69DC 0
261 B 34ms
33ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 69DC
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4530982277501607477&Expiration=1626856304
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4530982277501607477&Expiration=1626856304

43 B
424 B

230ms
228ms

Image
image/gif

18.156.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4530982277501607477&Expiration=1626856304
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.99.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-99-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Jul 2021 08:31:45 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=4530982277501607477&Expiration=1626856304
date: Wed, 07 Jul 2021 08:31:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 69DC 0
522 B 102ms
36ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=4530982277501607477

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:44 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 06 Jul 2021 08:31:44 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 69DC 0
662 B 111ms
27ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 69DC
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4530982277501607477&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4530982277501607477&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=19cc9b57fdbb49558...
https://c1.adform.net/serving/cookie/match?party=9&uid=0b1e829243e678ed6d08f20195fd967e8f9520d980cc85bcbc2fdb7fdfafad3b

35 B
468 B

34ms
33ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=0b1e829243e678ed6d08f20195fd967e8f9520d980cc85bcbc2fdb7fdfafad3b

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=0b1e829243e678ed6d08f20195fd967e8f9520d980cc85bcbc2fdb7fdfafad3b
date: Wed, 07 Jul 2021 08:31:44 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 69DC
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4530982277501607477&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=7809814286089887494

35 B
468 B

34ms
33ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=7809814286089887494

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=7809814286089887494
pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame 69DC
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=4530982277501607477&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=4530982277501607477&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4530982277501607477&_origin=1&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6
https://ups.analytics.yahoo.com/ups/55944/sync?uid=4530982277501607477&_origin=1&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6&verify=true

0
1 KB

24ms
23ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=4530982277501607477&_origin=1&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:44 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 07 Jul 2021 08:31:44 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=4530982277501607477&_origin=1&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 69DC 43 B
714 B 142ms
70ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:44 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1625646704368046-515
Expires: Wed, 07 Jul 2021 08:31:44 GMT

GET
H2

204

put
e1.emxdgt.com/ Frame 69DC
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=4530982277501607477
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=4530982277501607477
https://e1.emxdgt.com/put?d=d21&uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&gdpr=&gdpr_consent=

0
59 B

118ms
23ms

Image
text/html

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&gdpr=&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
content-length: 0
content-type: text/html

Redirect headers

location: //e1.emxdgt.com/put?d=d21&uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&gdpr=&gdpr_consent=
date: Wed, 07 Jul 2021 08:31:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 69DC
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4530982277501607477&expiration=1626856304
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4530982277501607477&expiration=1626856304&C=1

43 B
1006 B

51ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4530982277501607477&expiration=1626856304&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 07 Jul 2021 08:31:44 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4530982277501607477&expiration=1626856304&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Wed, 07 Jul 2021 08:31:44 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/tubemogul/1/ Frame 69DC
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4530982277501607477&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4530982277501607477&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=fe2060e5-6670-4900-96bc-504a5a9279b8&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=fc9e719b-c396-4c46-83aa-8ea66094ba77
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OEZCMzUxMDMyQzFCMjZEMw&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKqy--8p-lKKAUpbhvR8B98&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fuipglob.semasio.net%2Ftubemogul%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal
https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fuipglob.semasio.net%2Ftubemogul%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D%24%7BTM_USER_ID%7D%26sInitiator%3Dinternal&_test=Y...
https://uipglob.semasio.net/tubemogul/1/info?sType=sync&sExtCookieId=YOVmcQAAKiNEqAAc&sInitiator=internal

42 B
603 B

52ms
52ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/tubemogul/1/info?sType=sync&sExtCookieId=YOVmcQAAKiNEqAAc&sInitiator=internal
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1625646706.671303,VS0,VE93
x-served-by: cache-fra19146-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://uipglob.semasio.net/tubemogul/1/info?sType=sync&sExtCookieId=YOVmcQAAKiNEqAAc&sInitiator=internal
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 69DC 0
344 B 93ms
24ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=4530982277501607477&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 69DC 0
324 B 62ms
19ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 69DC 0
0 63ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

tpid=4530982277501607477
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 69DC
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4530982277501607477
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=4530982277501607477

49 B
738 B

51ms
50ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.166
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=4530982277501607477
cache-control: no-cache
x-server: 10.45.1.114
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 69DC 62 B
304 B 209ms
168ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:44 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 69DC
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4530982277501607477
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4530982277501607477

43 B
180 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:44 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=4530982277501607477
date: Wed, 07 Jul 2021 08:31:44 GMT
via: 1.1 google
server: OXGW/16.210.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 69DC
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

190ms
52ms

Image
image/gif

52.218.120.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.120.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: H6QP6HPPHDVZK4VK
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 1jLiE8U2xKnctyfudXKd98WwgsW7eYBg6N6fHuDL731w8VEPPtIEq9EcdYGnmSTY19JYtcFLr8k=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 07 Jul 2021 08:31:45 GMT
Server: akka-http/10.2.4
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 69DC 35 B
247 B 93ms
30ms Image
image/gif 51.210.112.63
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=4530982277501607477&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 69DC
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4530982277501607477
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202107070826e56cd30298c9bee1f&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=4437cd4fb47e6bc0322b06db99920340&idt_did_status=added&gdpr_consent=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTA3MDcwODI2ZTU2Y2QzMDI5OGM5YmVlMWY
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEG7DCT7KHAk-WL5QqSyrUMQ&google_cver=1
https://ib.adnxs.com/getuid?https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=$UID&request=1
https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=8057919136617922333&request=1

43 B
2 KB

26ms
25ms

Image
image/gif

139.162.159.252
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=8057919136617922333&request=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.159.252 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:45 GMT
Last-Modified: Wed, 07 Jul 2021 08:31:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:45 GMT
X-Proxy-Origin: 37.120.137.166; 37.120.137.166; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fad46949-feb5-4473-bbf8-42b0c936009f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.adsafety.net/?_cmsrc=appnexus&idt=100&did=8057919136617922333&request=1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 69DC 0
338 B 122ms
40ms Image
text/plain 99.80.93.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.93.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-93-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1625646705
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 69DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDUzMDk4MjI3NzUwMTYwNzQ3Nw
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=NDUzMDk4MjI3NzUwMTYwNzQ3Nw&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIy-pXLE3_lcrIVNjvMdoaI&google_cver=1&google_ula=1641347,0

35 B
468 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIy-pXLE3_lcrIVNjvMdoaI&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIy-pXLE3_lcrIVNjvMdoaI&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 69DC 0
261 B 39ms
33ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 69DC
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=8057919136617922333&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=4696076438286939563

43 B
996 B

44ms
44ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=4696076438286939563

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:45 GMT
X-Proxy-Origin: 37.120.137.166; 37.120.137.166; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 45812820-050f-4a57-9c97-029db0979fa9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=4696076438286939563
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 69DC 42 B
543 B 100ms
33ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:342
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 69DC 43 B
444 B 73ms
21ms Image
image/gif 65.9.66.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 17:49:12 GMT
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 52953
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 43
X-Amz-Cf-Id: qcUGyj0JXEqe2Qnkyf4K1lGoqJKeanI_vnlOo_z54EUO-0DiQs86Bw==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 69DC
Redirect Chain

https://a.audrte.com/a?adform_uid=4530982277501607477
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESELfXITtq5mwdFza65BFca0Q&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=6m4aeJYAevzRxGF3wW5jUgN2w&gdpr=0&gdpr_consent=

0
344 B

25ms
25ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=6m4aeJYAevzRxGF3wW5jUgN2w&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:45 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 07 Jul 2021 08:31:45 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=6m4aeJYAevzRxGF3wW5jUgN2w&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 69DC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4530982277501607477&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4530982277501607477&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=85518312080324865790247256430165514348&noredirect=1

35 B
477 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=85518312080324865790247256430165514348&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v012-0fbda37af.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: XtWPpvZJSQc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=85518312080324865790247256430165514348&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 69DC
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4530982277501607477
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165021103840000142013

35 B
477 B

37ms
35ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165021103840000142013

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165021103840000142013
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 69DC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6982099432829155475

35 B
468 B

35ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6982099432829155475

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6982099432829155475
Date: Wed, 07 Jul 2021 08:31:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 69DC 62 B
725 B 170ms
169ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:45 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: dde4
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 69DC
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=fe2060e5-6670-4900-96bc-504a5a9279b8

35 B
468 B

37ms
36ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=fe2060e5-6670-4900-96bc-504a5a9279b8

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 07 Jul 2021 08:31:45 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=fe2060e5-6670-4900-96bc-504a5a9279b8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 07 Jul 2021 08:31:35 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 69DC
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=HDZWiMtl1M12Y95

35 B
477 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=HDZWiMtl1M12Y95

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:44 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=HDZWiMtl1M12Y95
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 69DC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=fc9e719b-c396-4c46-83aa-8ea66094ba77

35 B
468 B

34ms
33ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=fc9e719b-c396-4c46-83aa-8ea66094ba77

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=fc9e719b-c396-4c46-83aa-8ea66094ba77
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 69DC 0
72 B 609ms
151ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 69DC
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=4530982277501607477
https://id5-sync.com/c/10/10/2/1.gif?puid=4530982277501607477&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOiCzAd8IriF94krxariPj12WHD2Jk_r8v9aRatg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=53cb9ba7-6bfb-44a2-8d69-406321934bfb&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGoALTnsK3ZEu1Z15HTCHQY&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8057919136617922333&opid=apx&ops=&utidl=tech:goo:CAESEGoALTnsK3ZEu1Z15HTCHQY&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A18795895369&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

43 B
1 KB

31ms
30ms

Image
image/gif

152.228.227.62
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A18795895369&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

152.228.227.62 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A18795895369&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
date: Wed, 07 Jul 2021 08:31:46 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 69DC
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3429775662
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.Vo9SRBbBy5dQLMbqmiKm.

35 B
468 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.Vo9SRBbBy5dQLMbqmiKm.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
via: 1.1 google
last-modified: Wed, 07 Jul 2021 08:31:45 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.Vo9SRBbBy5dQLMbqmiKm.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 69DC 23 B
288 B 375ms
54ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=4530982277501607477
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 07 Jul 2021 08:31:45 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 69DC
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4530982277501607477
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4530982277501607477&cs=1

35 B
376 B

24ms
24ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4530982277501607477&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=4530982277501607477&cs=1
date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

usersync
match.bnmla.com/ Frame 69DC
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4530982277501607477
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4530982277501607477&cookieCheck=1
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=c30ba702500220a6dd01&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg
https://s.ad.smaato.net/c/?adExInit=g
https://match.bnmla.com/usersync?sspid=16&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1000265%26dspCookie%3D%5BUUID%5D

0
114 B

363ms
120ms

Image
text/plain

38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=16&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1000265%26dspCookie%3D%5BUUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Wed, 07 Jul 2021 08:31:45 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.bnmla.com/usersync?sspid=16&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1000265%26dspCookie%3D%5BUUID%5D
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: QwzwCMdUyAsQ7yQiDP9Iws1e4ltkD7EENhCVVeONnhbJfGIV946SYw==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 69DC
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=4530982277501607477&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=4530982277501607477&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=cb5679e6-fd9b-464a-944a-3ddf90301e69

35 B
468 B

34ms
34ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=cb5679e6-fd9b-464a-944a-3ddf90301e69

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Wed, 07 Jul 2021 08:31:46 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=cb5679e6-fd9b-464a-944a-3ddf90301e69
alt-svc: clear
content-length: 0

GET
H2 200 4530982277501607477
match.contentexchange.me/adform/ Frame 69DC 0
49 B 1139ms
34ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/4530982277501607477?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 69DC
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=4530982277501607477&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=4530982277501607477&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

32ms
32ms

Image
image/gif

18.197.137.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=4530982277501607477&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=4530982277501607477&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 07 Jul 2021 08:31:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 69DC 0
261 B 41ms
38ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=4530982277501607477&agencyId=6081&advertiserId=2024710&src=tp&rnd=596356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 32ms
32ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=b76bb061ad9d75a8c582821d22792f92fde554995393d04b4620edf838b2a0f2&ttl=&rurl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:42 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 4A06 52 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 07:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 07:40:49 GMT

GET
H3-29 200 recaptcha__pt.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 4A06 343 KB
343 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__pt.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be926bc930e44b898124c45f6a2574db3e93478386ecd99548843223794a3da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 04:03:21 GMT
x-content-type-options: nosniff
age: 102503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351066
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 04:03:21 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4A06 35 KB
21 KB 58ms
57ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__pt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2054a4888a43bd0e79e90f3991e7c59936acc53067fbad19f18af259fd4277ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 07 Jul 2021 08:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 08:31:45 GMT

GET
H3-29 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4A06 600 B
622 B 9ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:57:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 84832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Tue, 13 Jul 2021 08:57:53 GMT

GET
H3-29 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4A06 530 B
552 B 9ms
7ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 13:51:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 67209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Tue, 13 Jul 2021 13:51:36 GMT

GET
H3-29 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 4A06 665 B
687 B 10ms
7ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 106280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Tue, 13 Jul 2021 03:00:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A06 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 114529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A06 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 02:41:59 GMT
x-content-type-options: nosniff
age: 107386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 02:41:59 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A06 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 115253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H3-29 200 payload
www.google.com/recaptcha/api2/ Frame 4A06 21 KB
21 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq275YvExr_6IOZNFmk873wBPt3yDXMJnwFY7G5bbsVSTG7LVPQpVQ7CBW_tjHlNM0CL2GDUPeUA6M0evUv8kyQfktUJloLERlxDeFpx-uFRqRvmz6scW_8-kajdDvzoL4yzKpIVwgDxQvxRyPjfZH53ojQHYOMUaKGZV1USZLMqFMlTY_YS1tu1Uu5K2_j7Wa6PTJGUD9HcoS8PbOt4rF6q8_H8PJw&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6cbe3b6294c0aa7a418c1226f6c6c3ba8a1553e5843ede0236c2d85eb136bab5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=pt&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&cb=bjghfrx8z5yw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:45 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21371
x-xss-protection: 1; mode=block
expires: Wed, 07 Jul 2021 08:31:45 GMT

GET
H2 200 injector.js Show response
suphelper.com/widget/ 164 KB
44 KB 74ms
49ms Script
application/javascript 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://suphelper.com/widget/injector.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a35afbd0e80700d2cfee585c03aea932bff49b2c3a070c6f398c35717264fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google-analytics.com https://www.google-analytics.com/analytics.js .googletagmanager.com https://www.googletagmanager.com/gtag/ .google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su .chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Security-Policy	default-src 'self'; script-src 'self' .google-analytics.com https://www.google-analytics.com/analytics.js .googletagmanager.com https://www.googletagmanager.com/gtag/ .google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su .chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' *.google-analytics.com https://www.google-analytics.com/analytics.js *.googletagmanager.com https://www.googletagmanager.com/gtag/ *.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 118
x-dns-prefetch-control: off
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jul 2021 07:18:16 GMT
server: cloudflare
etag: W/"290e9-17a7fd4e2c0"
x-download-options: noopen
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 66afb7ebfcc01766-FRA
x-webkit-csp: default-src 'self'; script-src 'self' *.google-analytics.com https://www.google-analytics.com/analytics.js *.googletagmanager.com https://www.googletagmanager.com/gtag/ *.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
x-content-security-policy: default-src 'self'; script-src 'self' *.google-analytics.com https://www.google-analytics.com/analytics.js *.googletagmanager.com https://www.googletagmanager.com/gtag/ *.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
42 KB 14ms
13ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVCDDRT

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/common_22bet.8ed64ec1071de30cea17.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25358137b3ca2cab4bbbb5dc15e41040abeff1970428d9fee5920297c18923a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43322
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jul 2021 08:31:46 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 221 KB
71 KB 151ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/bundle/app/Bet22/Desktop/common_22bet.8ed64ec1071de30cea17.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ac0ebb80cc23977a364955d1be04438b5ede083f1c0a02fc5832ee1d57bf637a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-encoding: br
last-modified: Tue, 06 Jul 2021 10:31:09 GMT
etag: "60dc796d-118bb"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71867
expires: Wed, 07 Jul 2021 09:31:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVCDDRT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3961
date: Wed, 07 Jul 2021 07:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 07 Jul 2021 09:25:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: jm4JCPevsURJqBDJONtMsL2xqMoH3hNiIBih2su6qsky6vddw8vHnBkf3HC8hbfwMF9AJ61aD0tA8iQH+C51dA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 30ms
30ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=f4e470ee26b052577662faa0183442f9066da4897ba47949edae4ffb16962a1b

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVCDDRT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e269f8ccf967ce2888a19df2e5fcbf60e19e441cf5bafe1e9867cbb51411448d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:43 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 198 KB
29 KB 93ms
71ms Script
application/javascript 2a02:26f0:6c00::210:bac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAAL
Requested by: Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8382281039063b9ea031f17b08a111a5795b67f2fb503475fd4ea153ccd8d489

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-encoding: gzip
cache-control: max-age=900, public
vary: Accept-Encoding
content-type: application/javascript
x-n: S
content-length: 29055
apigw-requestid: CFzx8gb2joEEJ8Q=

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 31ms
28ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TVCDDRT&cv=80&v=3&t=t&pid=1951706795&rv=6u0&es=1&e=gtm.init_consent&eid=1&tc=26&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 25ms
22ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TVCDDRT&cv=80&v=3&t=t&pid=1951706795&rv=6u0&es=1&e=gtm.init&eid=2&tc=26&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 86ms
29ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=fc003f26d763657ad835e9b38fd1f027
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exosrv.com/ 0
417 B 86ms
30ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exosrv.com/tag.php?goal=fc003f26d763657ad835e9b38fd1f027
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ 0
418 B 84ms
28ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=fc003f26d763657ad835e9b38fd1f027
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ 0
419 B 90ms
32ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=6dd3e48a8c411fad22210d8cb69168d1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 96ms
34ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=6dd3e48a8c411fad22210d8cb69168d1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exosrv.com/ 0
417 B 93ms
30ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exosrv.com/tag.php?goal=6dd3e48a8c411fad22210d8cb69168d1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ 0
418 B 83ms
31ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=6dd3e48a8c411fad22210d8cb69168d1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ctrack
ctrack.trafficjunky.net/ 35 B
827 B 362ms
121ms Image
image/gif 64.210.149.57
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=22bet.com&cookiename=notregistered&maxcookiecount=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.210.149.57 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: openresty /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:46 GMT
Server: openresty
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type
Content-Length: 35
Expires: Sun, 22 Jan 1984 03:00:00 GMT

GET
H/1.1 200
OK ctrack
ctrack.trafficjunky.net/ 35 B
831 B 449ms
136ms Image
image/gif 64.210.149.57
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered-new&context=22bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.210.149.57 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: openresty /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:47 GMT
Server: openresty
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type
Content-Length: 35
Expires: Sun, 22 Jan 1984 03:00:00 GMT

GET
H2 200 04529abc-1c71-42d9-aa36-a4616c8fcfa8
tsyndicate.com/api/v1/retargeting/set/ 35 B
447 B 325ms
24ms Image
image/gif 148.251.152.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/04529abc-1c71-42d9-aa36-a4616c8fcfa8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.152.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: 8acab0c1bbf75441
expires: 0

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 22ms
21ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TVCDDRT&cv=80&v=3&t=t&pid=1951706795&rv=6u0&es=1&e=gtm.js&eid=3&tc=26&tr=1ua.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1fsl.1cl.1html.5html.1html.5html.1html.5html.1html.1html.5html&ti=1ua.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1fsl.1cl.1html.1html.1html.1html.1html.1html.1html.1html.1html&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 24ms
23ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TVCDDRT&cv=80&v=3&t=t&pid=1951706795&rv=6u0&es=1&e=gtm.dom&eid=5&tc=26&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 23ms
23ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TVCDDRT&cv=80&v=3&t=t&pid=1951706795&rv=6u0&es=1&e=gtm.load&eid=6&tc=26&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=533285990&t=pageview&_s=1&dl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&ul=en-us&de=UTF-8&dt=Registo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=609943702&gjid=872973599&cid=1498542047.1625646707&tid=UA-130528492-1&_gid=1952923381.1625646707&_r=1&gtm=2wg6u0TVCDDRT&z=687723824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://22bets.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 670976713419649 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/670976713419649?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7203f501fde8d9973e357460774799e1e0739e6546e9ce16dffc2f64462e356

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75925
x-xss-protection: 0
pragma: public
x-fb-debug: Sa+AQ+JpBwKkvcX85dGdRvlE1Rum/PB8mjjWg69d9WJhxcmmQ6DdVwzt9lZjMW+sWGP3D2iXZvvpV80xJEmQ5g==
x-frame-options: DENY
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 / Show response
suphelper.com/widget/ Frame 4A4D 11 KB
4 KB 28ms
18ms Document
text/html 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/injector.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c028c5d4bb0026b0db86afd0b54e0e93cdddd73e808e6ac9744d52ffe550b34f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-1430c915-7ca0-4aeb-919c-54a293f1491c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: suphelper.com
:scheme: https
:path: /widget/?build=1625642276079&lang=pt&langInited=true&opener=full
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://22bets.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://22bets.co/

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-1430c915-7ca0-4aeb-919c-54a293f1491c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=2592000
etag: W/"2dd5-D9cXyTh28OVebcqUgjg2t4Qzjbw"
vary: Accept-Encoding
cf-cache-status: HIT
age: 859
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66afb7ec9a32dff3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-130528492-1&cid=1498542047.1625646707&jid=609943702&gjid=872973599&_gid=1952923381.1625646707&_u=YEBAAEAAAAAAAC~&z=602550631

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 07 Jul 2021 08:31:46 GMT
content-type: text/plain
access-control-allow-origin: https://22bets.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 392065698407093 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/392065698407093?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41d74429ce0163838e25f484279e87a747a3f60d9c3d079f9a2d0257b1d60e34

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75855
x-xss-protection: 0
pragma: public
x-fb-debug: ilRA+1y8AoOqe4yaNUBc3N5g0GnFsl0yCFd9fJ31UGzj1JnUI5BQHzD2LXY5nyIzQR1PhWRcztkm3i/x5bLZ3w==
x-frame-options: DENY
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=670976713419649&ev=PageView&dl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&rl=&if=false&ts=1625646706668&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625646706666.1277052766&it=1625646706604&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 07 Jul 2021 08:31:46 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-130528492-1&cid=1498542047.1625646707&jid=609943702&_u=YEBAAEAAAAAAAC~&z=237801780

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 37ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-130528492-1&cid=1498542047.1625646707&jid=609943702&_u=YEBAAEAAAAAAAC~&z=237801780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 4A4D 91 KB
36 KB 19ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195129676-1

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9412f3618417df042451222453d48102caa35415e40d5fb46d063813ba3caecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://suphelper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36979
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jul 2021 08:31:46 GMT

GET
H3-29 200 pt-BR.js Show response
suphelper.com/widget/api/i18n-source/ Frame 4A4D 16 KB
5 KB 28ms
26ms Script
application/javascript 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://suphelper.com/widget/api/i18n-source/pt-BR.js?bn=1625642276079

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca1bd60853ad996bcfb78315bf1c24bdb651e59d496b50fe5646d1d2771a2e0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-378ddf07-d717-450a-866c-750a60861577' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-378ddf07-d717-450a-866c-750a60861577' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3773
x-dns-prefetch-control: off
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"413c-em3ypNmKILUVh/nnmR4GQBmJQ2w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=864000
cf-ray: 66afb7ecca80dff3-FRA

GET
H3-29 200 chunk.a484a19726b099db2d20.js Show response
suphelper.com/widget/public/ Frame 4A4D 1 MB
391 KB 19ms
18ms Script
application/javascript 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://suphelper.com/widget/public/chunk.a484a19726b099db2d20.js

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc026dd0aadc6d2501050f5792c481769250d07a704d49a123bf6ba886197d70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-9c1aeba3-e1da-44b8-97f7-2e2daca350c5' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-9c1aeba3-e1da-44b8-97f7-2e2daca350c5' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-9c1aeba3-e1da-44b8-97f7-2e2daca350c5' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4061
x-dns-prefetch-control: off
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jul 2021 07:18:27 GMT
server: cloudflare
etag: W/"169d2f-17a7fd50db8"
x-download-options: noopen
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 66afb7ecca82dff3-FRA
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-9c1aeba3-e1da-44b8-97f7-2e2daca350c5' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-9c1aeba3-e1da-44b8-97f7-2e2daca350c5' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/

GET
H3-29 200 bundle.ce6f89a3e22d06fcb3de.js Show response
suphelper.com/widget/public/ Frame 4A4D 168 KB
37 KB 20ms
18ms Script
application/javascript 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://suphelper.com/widget/public/bundle.ce6f89a3e22d06fcb3de.js

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3d0b90a30b5595ee62664068cd9aa5638f567d77cbe55cfd40ecc2ee43364

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f4274ebe-b296-40a0-9aa2-7a8413603157' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f4274ebe-b296-40a0-9aa2-7a8413603157' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f4274ebe-b296-40a0-9aa2-7a8413603157' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4061
x-dns-prefetch-control: off
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jul 2021 07:18:27 GMT
server: cloudflare
etag: W/"2a153-17a7fd50db8"
x-download-options: noopen
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 66afb7ecca83dff3-FRA
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f4274ebe-b296-40a0-9aa2-7a8413603157' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f4274ebe-b296-40a0-9aa2-7a8413603157' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/

GET
H3-29 200 talk.16399b00c482d1e1e4c80e076c333cb6.svg
suphelper.com/widget/assets/ Frame 4A4D 341 B
1 KB 21ms
20ms Image
image/svg+xml 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://suphelper.com/widget/assets/talk.16399b00c482d1e1e4c80e076c333cb6.svg

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b86c0c4cb888372ed71eba9f2b5fd35f292b6876413fecea6e7023e880cb95b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google-analytics.com https://www.google-analytics.com/analytics.js .googletagmanager.com https://www.googletagmanager.com/gtag/ .google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su .chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' *.google-analytics.com https://www.google-analytics.com/analytics.js *.googletagmanager.com https://www.googletagmanager.com/gtag/ *.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1423487
x-dns-prefetch-control: off
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Jun 2021 09:09:25 GMT
server: cloudflare
etag: W/"155-17a193b7588"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 66afb7ecda8ddff3-FRA

GET
H3-29 200 roll_up.b7a1632bea7ba7d1c4a667e88144a7db.svg
suphelper.com/widget/assets/ Frame 4A4D 472 B
1 KB 21ms
20ms Image
image/svg+xml 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://suphelper.com/widget/assets/roll_up.b7a1632bea7ba7d1c4a667e88144a7db.svg

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce0b9ce33eb038dd3e953705de4c974ebf4d2884a9e59ad32a9e31b45b13dd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google-analytics.com https://www.google-analytics.com/analytics.js .googletagmanager.com https://www.googletagmanager.com/gtag/ .google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su .chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' *.google-analytics.com https://www.google-analytics.com/analytics.js *.googletagmanager.com https://www.googletagmanager.com/gtag/ *.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/ https://code.jquery.com/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp1/
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1423487
x-dns-prefetch-control: off
date: Wed, 07 Jul 2021 08:31:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Jun 2021 09:09:25 GMT
server: cloudflare
etag: W/"1d8-17a193b7588"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 66afb7ecda8fdff3-FRA

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 39 KB
12 KB 64ms
55ms Script
application/javascript 2a02:26f0:6c00::210:bac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAAL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: feda67648acd203488c2c74a84f52bef7a05a3154a00cb2fbc94c62d559afb46

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "5ff82a1c468a89919e9437d33e0402cb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
content-length: 11553
x-amz-cf-id: Vv5bnFBiD-4m83GU1PtYccG3VsK3la3aBl3jX9Yj5KEN5AlfJC82xw==

GET
H2

200

_adsCookieSyncCallback Show response
echoback.ads.sportradar.com/echoBack/
Redirect Chain

https://a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dc36...
https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=c364a710-cb21-4ff7-9011-683e75c30e40

74 B
151 B

151ms
43ms

Script
text/plain

63.35.174.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=c364a710-cb21-4ff7-9011-683e75c30e40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.174.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 84b1888ab1d4f665b12b2e4cce0bb4881f1170a0c9d4790f919b7fefcbb9d5eb

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:47 GMT
content-length: 74
content-type: text/plain;charset=UTF-8

Redirect headers

location: https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=c364a710-cb21-4ff7-9011-683e75c30e40
date: Wed, 07 Jul 2021 08:31:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1083&id=1463
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1083&id=1463

2 KB
3 KB

55ms
54ms

Script
text/javascript

18.185.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1083&id=1463
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.205.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f6f90ec05de17ce973e5361c3f2b54feab5913f4e1f08279c23ed881c98d53af

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 1727
Content-Type: text/javascript; charset=UTF-8

Redirect headers

Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1083&id=1463
Date: Wed, 07 Jul 2021 08:31:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=392065698407093&ev=PageView&dl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&rl=&if=false&ts=1625646706730&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625646706666.1277052766&it=1625646706604&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 07 Jul 2021 08:31:46 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 4A4D 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195129676-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://suphelper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3961
date: Wed, 07 Jul 2021 07:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 07 Jul 2021 09:25:45 GMT

GET
H2 200 sp-2.14.0.js Show response
tracker.ads.sportradar.com/dist// 98 KB
30 KB 139ms
139ms Script
application/javascript 2a02:26f0:6c00::210:bac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-2.14.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
content-length: 30370
x-amz-cf-id: TvuKzyrhtpUTPzP72i-TutTGcWiwcj4mqwj99v4uFAv8fyoXqiYIgg==

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9327.LIVTy41_0aJyrwRTNJnQAapB1b7VIRhWk64ZGFObB-GP5fOEGj_JsnEGFOOnGIvx.wSxFanSQaDqzAE2lvKfaauXWwLg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9327.MXzUZEXLKxUnY8bvZUpTt7YihDtReA3n1zZaQr5rWEClCHbATYcCEqndc8sZF-P1xzlUUKWme7towxycaLc20A%2C%2C.qNttax96EawJG_4LCjjaFjCLdzg%2C

75 B
75 B

94ms
94ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9327.MXzUZEXLKxUnY8bvZUpTt7YihDtReA3n1zZaQr5rWEClCHbATYcCEqndc8sZF-P1xzlUUKWme7towxycaLc20A%2C%2C.qNttax96EawJG_4LCjjaFjCLdzg%2C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:47 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9327.MXzUZEXLKxUnY8bvZUpTt7YihDtReA3n1zZaQr5rWEClCHbATYcCEqndc8sZF-P1xzlUUKWme7towxycaLc20A%2C%2C.qNttax96EawJG_4LCjjaFjCLdzg%2C
date: Wed, 07 Jul 2021 08:31:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:46 GMT
last-modified: Tue, 06 Jul 2021 10:31:09 GMT
etag: "60dc796d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Jul 2021 09:31:46 GMT

GET
H3-29 200 new-message.mp3 Show response
suphelper.com/widget/assets/sounds/ Frame 4A4D 29 KB
30 KB 17ms
17ms XHR
audio/mpeg 2606:4700::6810:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://suphelper.com/widget/assets/sounds/new-message.mp3

Requested by

Host: suphelper.com
URL: https://suphelper.com/widget/public/chunk.a484a19726b099db2d20.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d7faab01-4439-4b25-9f34-3476980b0331' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com .suphelper.com https://cons.insystem.su wss://cons.insystem.su .cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suphelper.com/widget/?build=1625642276079&lang=pt&langInited=true&opener=full
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1423488
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29952
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Jun 2021 09:09:25 GMT
server: cloudflare
etag: W/"7500-17a193b7588"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: audio/mpeg
cache-control: public, max-age=2592000
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d7faab01-4439-4b25-9f34-3476980b0331' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
accept-ranges: bytes
cf-ray: 66afb7eede03dff3-FRA

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 96ms
95ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=f4e470ee26b052577662faa0183442f9066da4897ba47949edae4ffb16962a1b&ttl=&rurl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:44 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H/1.1 200
OK i
serving.ads.sportradar.com/ 43 B
533 B 246ms
45ms Image
image/gif 54.228.128.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.ads.sportradar.com/i?stm=1625646707141&e=pv&url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&page=Registo&tv=js-2.14.0&tna=cf&aid=sr-tracker-22bets-co&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f193f252-7d0a-42af-8988-531aeb3114fa&dtm=1625646707138&vp=1600x1200&ds=1600x1532&vid=1&sid=8b3f03b0-27e3-4402-86ad-478edabb07f2&duid=d866ec7c-f53f-44ac-b37f-b6bc56a1e838&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjE0OTg1NDIwNDcuMTYyNTY0NjcwNyJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLnNwb3J0cmFkYXIuYWRzL2RzcC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJkc3BfdHlwZSI6ImpzIiwiZHNwX2FpZCI6IjEwODMiLCJkc3BfaWQiOiIxNDYzIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc3BvcnRyYWRhci5hZHMvdGFnbWFuYWdlci9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJjb250YWluZXJJZCI6IlNUTS1BQUFBQUwiLCJldmVudE5hbWUiOiJ0cmFjay5wYWdlLnZpZXciLCJhZmZpbGlhdGVJZCI6IjEwODMiLCJhZmZpbGlhdGVUeXBlIjoiYWR2ZXJ0aXNlciJ9fV19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.128.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: akka-http/10.1.12 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:47 GMT
Server: akka-http/10.1.12
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43

GET
H/1.1

200
OK

bsw_sync
eu.sportradarserving.com/
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=409&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://eu.sportradarserving.com/bsw_sync?bsw_uid=7583981b-85d3-4792-bcfb-afc9f44e9b60

43 B
300 B

333ms
21ms

Image
image/gif

18.185.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/bsw_sync?bsw_uid=7583981b-85d3-4792-bcfb-afc9f44e9b60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.205.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: //eu.sportradarserving.com/bsw_sync?bsw_uid=7583981b-85d3-4792-bcfb-afc9f44e9b60
date: Wed, 07 Jul 2021 08:31:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&cb=8849abe6-0e9d-465a-a1ff-fd786ed1aaf3
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7583981b-85d3-4792-bcfb-afc9f44e9b60

0
257 B

93ms
29ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7583981b-85d3-4792-bcfb-afc9f44e9b60
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Wed, 07 Jul 2021 08:31:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15783

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7583981b-85d3-4792-bcfb-afc9f44e9b60
date: Wed, 07 Jul 2021 08:31:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&cb=d2f1346d-0969-44b3-b738-5ea378832847
https://ce.lijit.com/merge?pid=26&3pid=7583981b-85d3-4792-bcfb-afc9f44e9b60
https://ce.lijit.com/merge?pid=26&3pid=7583981b-85d3-4792-bcfb-afc9f44e9b60&dnr=1

0
433 B

44ms
43ms

Image
text/plain

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=7583981b-85d3-4792-bcfb-afc9f44e9b60&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:47 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jul 2021 08:31:47 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=26&3pid=7583981b-85d3-4792-bcfb-afc9f44e9b60&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c364a710-cb21-4ff7-9011-683e75c30e40&cb=334df887-a4df-4089-afc6-902c76ebc0f9
https://pixel.advertising.com/ups/55859/sync?uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&_origin=1&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&_origin=1&gdpr=&gdpr_consent=&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6

0
1 KB

331ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&_origin=1&gdpr=&gdpr_consent=&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:47 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=7583981b-85d3-4792-bcfb-afc9f44e9b60&_origin=1&gdpr=&gdpr_consent=&apid=UPc31298dc-defd-11eb-93ce-02a83e3c26e6
date: Wed, 07 Jul 2021 08:31:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 usersyncs
api.feedad.com/1.1/web/ 42 B
330 B 150ms
36ms Image
image/gif 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=c364a710-cb21-4ff7-9011-683e75c30e40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:47 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 8ef0c68bf06ff9b8a25e28ac32bbdf85
cache-control: private
x-appengine-log-flush-count: 0
content-length: 42
expires: Wed, 07 Jul 2021 08:31:47 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=670976713419649&ev=Microdata&dl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&rl=&if=false&ts=1625646707220&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Registo%22%2C%22meta%3Adescription%22%3A%22Registo%20-%2022bet.com%20Casa%20de%20Apostas.%20Odds%20Altas.%20Servi%C3%A7o%20ao%20Cliente%2024%20horas%20por%20dia%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Registo%22%2C%22og%3Adescription%22%3A%22Registo%20-%2022bet.com%20Casa%20de%20Apostas.%20Odds%20Altas.%20Servi%C3%A7o%20ao%20Cliente%2024%20horas%20por%20dia%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2F22bets.co%2Fpt%2Fregistration%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fv2l.cdnsfree.com%2Fgenfiles%2Fcms%2Fpg%2F151%2Fimages%2Fbce8ef59a10dfa474cbc0c521b7f8a9c.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1625646706666.1277052766&it=1625646706604&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 07 Jul 2021 08:31:47 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/49123291/
Redirect Chain

https://mc.yandex.com/watch/49123291?wmode=7&page-url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2e...
https://mc.yandex.com/watch/49123291/1?wmode=7&page-url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D...

203 B
284 B

59ms
58ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49123291/1?wmode=7&page-url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A1081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1204533036665%3Ahid%3A773949343%3Az%3A120%3Ai%3A202107070103146%3Aet%3A1625646707%3Ac%3A1%3Arn%3A494840920%3Au%3A16256467071029675804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625646702289%3Ads%3A33%2C63%2C345%2C21%2C0%2C0%2C%2C1039%2C36%2C4241%2C4241%2C5%2C1488%3Adsn%3A33%2C63%2C345%2C21%2C%2C0%2C%2C1021%2C36%2C4240%2C4240%2C6%2C1488%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625646707%3At%3ARegisto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7c0a8ac26d86b90717014aae6129fdec2400f24f6c408caaef301f73361b72bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 07-Jul-2021 08:31:47 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://22bets.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Wed, 07-Jul-2021 08:31:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Jul 2021 08:31:47 GMT
last-modified: Wed, 07-Jul-2021 08:31:47 GMT
location: /watch/49123291/1?wmode=7&page-url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A1081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1204533036665%3Ahid%3A773949343%3Az%3A120%3Ai%3A202107070103146%3Aet%3A1625646707%3Ac%3A1%3Arn%3A494840920%3Au%3A16256467071029675804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625646702289%3Ads%3A33%2C63%2C345%2C21%2C0%2C0%2C%2C1039%2C36%2C4241%2C4241%2C5%2C1488%3Adsn%3A33%2C63%2C345%2C21%2C%2C0%2C%2C1021%2C36%2C4240%2C4240%2C6%2C1488%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625646707%3At%3ARegisto
strict-transport-security: max-age=31536000
access-control-allow-origin: https://22bets.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 07-Jul-2021 08:31:47 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=392065698407093&ev=Microdata&dl=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&rl=&if=false&ts=1625646707242&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Registo%22%2C%22meta%3Adescription%22%3A%22Registo%20-%2022bet.com%20Casa%20de%20Apostas.%20Odds%20Altas.%20Servi%C3%A7o%20ao%20Cliente%2024%20horas%20por%20dia%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Registo%22%2C%22og%3Adescription%22%3A%22Registo%20-%2022bet.com%20Casa%20de%20Apostas.%20Odds%20Altas.%20Servi%C3%A7o%20ao%20Cliente%2024%20horas%20por%20dia%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2F22bets.co%2Fpt%2Fregistration%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fv2l.cdnsfree.com%2Fgenfiles%2Fcms%2Fpg%2F151%2Fimages%2Fbce8ef59a10dfa474cbc0c521b7f8a9c.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1625646706666.1277052766&it=1625646706604&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 07 Jul 2021 08:31:47 GMT

GET
H/1.1 200
OK i
serving.ads.sportradar.com/ 43 B
533 B 45ms
45ms Image
image/gif 54.228.128.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.ads.sportradar.com/i?stm=1625646707390&e=se&se_ca=cookie_sync&se_ac=d866ec7c-f53f-44ac-b37f-b6bc56a1e838&se_la=c364a710-cb21-4ff7-9011-683e75c30e40&tv=js-2.14.0&tna=cf&aid=sr-tracker-22bets-co&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=a5fe4704-9a79-4926-9955-42381e9e34b7&dtm=1625646707267&vp=1600x1200&ds=1600x1532&vid=1&sid=8b3f03b0-27e3-4402-86ad-478edabb07f2&duid=d866ec7c-f53f-44ac-b37f-b6bc56a1e838&url=https%3A%2F%2F22bets.co%2Fpt%2Fregistration%2F%3Ftag%3Dd_363513m_18281c_PT_Serg_Display%26pb%3D125dc778a7c14714a4038c1a1452c743%26click_id%3D2eb8ijl50bit%26sub_id%3D2eb8ijl50bit&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjE0OTg1NDIwNDcuMTYyNTY0NjcwNyJ9fV19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.128.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: akka-http/10.1.12 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://22bets.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:31:47 GMT
Server: akka-http/10.1.12
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43

GET
H2 200 1st_casino_bg.png
22bets.co/default/img/bet22/bonuses/new/ 35 KB
35 KB 22ms
22ms Image
image/png 178.253.20.139
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://22bets.co/default/img/bet22/bonuses/new/1st_casino_bg.png

Requested by

Host: 22bets.co
URL: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.20.139 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

647a0f978c23cc7d787376a28f37651cc4bedf5c7549822cf961b4d154017c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /default/img/bet22/bonuses/new/1st_casino_bg.png
pragma: no-cache
cookie: _ym_visorc=b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 22bets.co
referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://22bets.co/pt/registration/?tag=d_363513m_18281c_PT_Serg_Display&pb=125dc778a7c14714a4038c1a1452c743&click_id=2eb8ijl50bit&sub_id=2eb8ijl50bit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:51 GMT
last-modified: Fri, 25 Sep 2020 11:19:10 GMT
server: nginx
etag: "5f6dd22e-8aaa"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 35498
expires: Thu, 08 Jul 2021 08:31:51 GMT

GET
H2 200 casino_icon.png
v2l.cdnsfree.com/default/img/bet22/bonuses/ 2 KB
2 KB 198ms
198ms Image
image/png 8.253.204.241
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2l.cdnsfree.com/default/img/bet22/bonuses/casino_icon.png
Requested by: Host: v2l.cdnsfree.com
URL: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.241 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 18adb8c352ba4d8fcf476c156482558ece1990c2c78cbd361a85318c6eaaa2f4

Request headers

Referer: https://v2l.cdnsfree.com/styles/css/bet22/main.63a3a324dda66d638795763c6cd169b9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:31:51 GMT
last-modified: Tue, 31 Mar 2020 08:19:16 GMT
server: nginx
age: 3296
etag: "5e82fd04-8a0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2208
expires: Wed, 07 Jul 2021 08:36:55 GMT

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-19 19:35:33	Name: CM Value: 1\|1
.adform.net/	1970-01-19 20:18:45	Name: C Value: 1
.google.com/recaptcha	1970-01-19 23:53:18	Name: _GRECAPTCHA Value: 09AHvtmbAWvpUzNndWAWyYoJCjAzzfBdbMUBFnfL2TALahsPswV5WO9eh5Y25qaApr_dZkmw9IuOi6Gw-6Tw6CTl4
22bets.co/	1969-12-31 23:59:59	Name: ggru Value: 216
.22bets.co/	1970-01-20 04:19:42	Name: _hjid Value: 6045bde8-88be-4702-8a68-69467686b9c3
22bets.co/	1970-01-20 04:19:42	Name: auid Value: sv0Ui2DlZm5VrC1XAwMwAg==
22bets.co/	1970-01-20 04:19:42	Name: is_rtl Value: 1
22bets.co/	1970-01-19 19:34:10	Name: reflinkid Value: d_363513m_18281c_PT_Serg_Display
.adform.net/	1970-01-19 19:54:16	Name: CM14 Value: 1625733104_1625646704_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
22bets.co/	1970-01-19 19:34:10	Name: dnb Value: 1
22bets.co/	1970-01-19 21:00:30	Name: referral_values Value: %7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D
22bets.co/	1969-12-31 23:59:59	Name: tzo Value: 2
22bets.co/	1970-01-19 19:34:10	Name: _glhf Value: 1625664478
.adform.net/	1970-01-19 21:00:30	Name: uid Value: 4696076438286939563
.22bets.co/	1970-01-19 19:34:08	Name: _hjFirstSeen Value: 1
22bets.co/	1970-01-19 20:17:18	Name: flaglng Value: pt
22bets.co/	1970-02-07 15:12:32	Name: v3r Value: 1
22bets.co/	1970-01-19 20:17:18	Name: lng Value: pt
22bets.co/	1970-01-19 19:44:11	Name: fast_coupon Value: true
22bets.co/	1970-01-19 20:17:18	Name: postback_watcher Value: %7B%22tag%22%3A%22d_363513m_18281c_PT_Serg_Display%22%2C%22pb%22%3A%22125dc778a7c14714a4038c1a1452c743%22%2C%22click_id%22%3A%222eb8ijl50bit%22%2C%22sub_id%22%3A%222eb8ijl50bit%22%7D
22bets.co/	1969-12-31 23:59:59	Name: SESSION Value: 5f8d752139ba75c93b0e3f96884cabc1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22bets.co
a.audrte.com
a.sportradarserving.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
api.feedad.com
beacon.krxd.net
c1.adform.net
ce.lijit.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
cookconfig.net
cookie-matching.mediarithmics.com
ctrack.trafficjunky.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
echoback.ads.sportradar.com
eu-u.openx.net
eu.sportradarserving.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
main.exdynsrv.com
main.exoclick.com
main.exosrv.com
main.realsrv.com
match.adsrvr.org
match.bnmla.com
match.contentexchange.me
mc.yandex.com
mc.yandex.ru
my.rtmark.net
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rtd-tm.everesttech.net
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
server.seadform.net
serving.ads.sportradar.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
suphelper.com
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
tm.ads.sportradar.com
token.rubiconproject.com
tracker.ads.sportradar.com
tsyndicate.com
uipglob.semasio.net
ups.analytics.yahoo.com
v2l.cdnsfree.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.111.218.85
104.111.242.245
13.224.193.31
13.224.193.91
13.225.87.11
13.225.87.40
136.243.148.229
139.162.159.252
139.45.195.8
141.226.228.48
142.250.185.162
148.251.152.17
151.101.14.49
152.228.227.62
174.129.166.189
178.253.20.139
18.156.0.31
18.156.99.44
18.185.205.93
18.195.155.181
18.197.137.147
18.197.47.23
18.197.81.144
18.198.69.109
185.33.221.91
185.64.190.80
185.86.138.142
2.18.233.201
2.18.234.21
2.18.234.233
213.183.44.56
216.239.36.21
216.46.185.182
216.52.2.30
23.45.99.241
2606:4700::6810:2b48
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9d
2a02:26f0:6c00::210:bac0
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.210.90
34.253.111.115
35.190.16.14
35.227.248.159
35.244.159.8
35.244.174.68
37.157.3.28
37.157.4.28
37.157.6.235
37.157.6.251
38.27.122.158
46.19.11.36
51.210.112.63
51.83.111.34
52.212.101.97
52.218.120.56
52.29.176.117
52.29.225.117
52.57.110.162
54.228.128.1
54.77.170.127
63.35.174.232
64.210.149.57
65.9.66.113
69.173.144.138
76.223.111.131
77.243.60.138
8.253.204.241
80.82.217.92
85.114.159.93
95.211.229.245
95.211.229.247
99.80.93.68
00faca978fede1f8e94fb6b132d406bf1243c820fa66e0d2befcfa529c4b972a
0241d43be9148d42bc34063814cdeabb195fe94caf1ea073ef9b76dc198d357a
02e0d383c4f94a2dc1f0ed3b4c178aeaee8c38def1ad1b4e4fcbb0a1eaa877ac
03214c49262a897ec00a96e9602a1e8ed694c2bfc263b98595e0edb4aa00b631
037e1517f14dd250f4de722a521d8456617b9509208a4d9a95e9d2a8ac7eb41d
0396a27ec9fe6c57c0d753a046d76a63ea482fbdc69b528de1ccd2d658c38091
052ccfaf4f45317a76dbb04bf754a012fcecd04cb5b5fd5b09e2ba8bd998bce3
0a835aca524d2e083af7edea9ad3ecc28877a64b5f0efa2696fa850346e1cb3e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
18adb8c352ba4d8fcf476c156482558ece1990c2c78cbd361a85318c6eaaa2f4
1ef4de26f7c6fd06f81a88405811a0b895c1654c018bf74c22ebca2acf1ead1f
2054a4888a43bd0e79e90f3991e7c59936acc53067fbad19f18af259fd4277ab
21897509e84bcf3966a038b2f4493cc40dd3cb3d1715c7299029d43e89069062
251c52ad01652092f82a441d3c8476d7aff512012d086464d9bf1e537d18b75f
25358137b3ca2cab4bbbb5dc15e41040abeff1970428d9fee5920297c18923a1
25372b8f4f2d23d8bf57e213e3c3570225a4cdcbb2957ba564db99e6d07ac6fe
26b2e57089ecb46a460bc14fa6492633cfa353f15753b6fde5f245761431ecc5
26f5eccc13869a1f30957b4fec86406681ebec69163990e25140cc89f9d08cbd
29e0ef13b5fe25b755f6c9575d9269cbe3df01454d658b16399965b2f1db5b38
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dc4c088d91f1dcbde2840ebfd2bb0e34b7f7226bbd96fb15f78d9567c6be4f1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
307eb2664b8ef175765f89c0a604f5fc417405ecfbf404bc2fa082d4856e27f6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bb046bdb291504f892d1c407c879dbd3b8a7eb8aa82a4a6d07fcd64eb5125e
34b31d1c2c76385d20330efd1266a8165ca899db098e4e9f558a0a302134e60c
3733eb70a24718de0939045943d21080c09e4f63b2adef610092f118da9f4e0e
39a35afbd0e80700d2cfee585c03aea932bff49b2c3a070c6f398c35717264fe
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f88071aeca5332509541565427f46a6dc69255d3c21ba5bc27b52664f4574ae
411d024d80796b615829ac227b4e7014c55720b97c47181394465674e719b853
41d74429ce0163838e25f484279e87a747a3f60d9c3d079f9a2d0257b1d60e34
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
470de43456706d22d6fecdf9d4418dd2b6c159fabd4b951250b00a7ede028fd5
481bc9e285d7cfa1939a869adfe20d4fe54041df23233c00a436431fb633bdee
4a237131c7c8ed46913462864b014aad98d65d15328d5932a3b498227dd6725e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb1645658bc6f8a8bc45a522125c2a222d0da11c197485a09e3306097f9c94f
5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
536ee79f1bc35fbd1bb6ed7377073877c9784dbc010510ea06a9092b8b8be8f9
53abc9a28027bf7eec43e8dc89dca43230f31b3cd60ff093c0d099c8c6afec5c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d
555f693558eb1c86095697706084213da2f4228cc83753b400e5709a836141e8
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
585d149b34ad3a6809f7a6e5677a931c7c06fa1f2e537bfb9c5e49c5d42895c6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5
5b0b7ff8ca3f671e049cf6847abf67497aef5b5fbf59539b2671e59cba26d490
5b86c0c4cb888372ed71eba9f2b5fd35f292b6876413fecea6e7023e880cb95b
5da04550454d98bc9f8ad340e18568340a835b878a444be6a67b1e75d80af566
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6004685f933946d3f31607e7320945bbacf7b235cac57b7fa859574d2028a5a1
60c443da3dda2eae920b924abc2d0d24b06019831c73501b633ec76d6c92c278
62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1
647a0f978c23cc7d787376a28f37651cc4bedf5c7549822cf961b4d154017c18
6a400a24f44e9edd687ddec9ea72bc60c48ea65087df56b4a93532b5327bb6d5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cbe3b6294c0aa7a418c1226f6c6c3ba8a1553e5843ede0236c2d85eb136bab5
6d2b6e0f886bbcf4a521b6948c13ee151a8c72bee1eff0c2829af216bd4bae26
6e640cefe92535e10ae5ea7740c127fe1a979295cc1bf491346464e8c521eb96
6fb3d0b90a30b5595ee62664068cd9aa5638f567d77cbe55cfd40ecc2ee43364
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75c67a8b6dab220d4618cee51d081b00775fac3f2b82d70b355bc84001b4e5dd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7c0a8ac26d86b90717014aae6129fdec2400f24f6c408caaef301f73361b72bf
7c44875b410b096e617f8ce8ea2e7dafb2e76735a6d4432698014db69b74893b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8382281039063b9ea031f17b08a111a5795b67f2fb503475fd4ea153ccd8d489
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84b1888ab1d4f665b12b2e4cce0bb4881f1170a0c9d4790f919b7fefcbb9d5eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8617f9bca908a62e3d789a1cb8c73a1bc1cb269b255b0d181a86323f97f12dbf
864ad9c9608bffa138035a20393a60bf14d4de0262b959ad7c3616233149d242
884eb2c13b6c7f7fa92421df412b8ce347f0f807975f2685c1eb900714ba62f1
895466862776d2f9fe9c259a65e32138cc9d029361c0217089e9f5e42b77915d
895effa868e9c2a3191cc2cd4732f10467936ab72c35193c6f518c7992422d47
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
9269ad3aa0c27da503290abb9ea5c192d8d49af0afa33fe75827485c672a2cff
9368bfc36f658e8caa9ce2d56b148853fba086149352acd8c2a927ecc75d0ba8
9412f3618417df042451222453d48102caa35415e40d5fb46d063813ba3caecf
9506624713d6d5174d572c7da22b165e0577b69ab04caff92868133b8aba5192
987eefb23922f2ff7ac5da292fd06d6991c769585aa4956b8b5aacb8fd206aa2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e03c79dc634291555012dbfa6be9c2c2407cfaf1ea79d19923469e73ed11f3b
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
9fc315d0494ad3037ffe17f2bc99015a2573be285fb06ecb706e9f83660ae1ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
a4c22c574158361f24c7d7f07a2cda48f713f9a286f2026217c7878022365208
a8e0234216bb09c444ba326f0442b0801711d049451dfc12dae637ea92e4517f
aa5972d88eaf8605388bb5d30f02a327fbd230aa049c0875204c56e6891e20d4
ac0ebb80cc23977a364955d1be04438b5ede083f1c0a02fc5832ee1d57bf637a
ae0e13652803bf2c6fd7d44840cd24601855eb033a57e81a1591262ae947872c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ac5c3f868850121b99a643faaadd7ee9462eada0c92318bec6f890ba8f7ad2
b30905adaeb5eab7504f6f6e104e8790b389b4ee22ee3c70dfc50882f8650ffe
b7ddd5375b7d1ce924afdbf86349699aedb0de12b3fd2ff7b3d6703107b6515a
b9d744d136afbb7ba2ce69b9fc7611a1058f60546719032288c7f4825ec6632a
baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb63ceb127d03ff6ac88ab94ec8b558d1ab999d39175e6ea4cb4aefbf3a9fb3c
be926bc930e44b898124c45f6a2574db3e93478386ecd99548843223794a3da0
beb8cfa6b40b30dd2058e849f2f151ced4f8076220fa11e2017de97d7ed2a336
c028c5d4bb0026b0db86afd0b54e0e93cdddd73e808e6ac9744d52ffe550b34f
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c314484ddc606ad232b879518bdae64b20387c4d21bccf9eec3c2972a0ce6089
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
c69af71b2c3bceacea794eb1df2aee01d862e7242b32b5ce099616f1e34f68ef
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca1bd60853ad996bcfb78315bf1c24bdb651e59d496b50fe5646d1d2771a2e0f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb58c94276a54c26f58fc42cf7630c3f39aa770917c59a1ccc47152a49765a2a
cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd
cbc2e46f0c94ae655bddd5449083c0d84d90751ddddc659401024b96d9d022fd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d46a905371c27610c615705cc1f4a4db30bbb08888f8365cdafe4471cde9987c
d974bc2255ccdbee659f490617f151033f5474459e1a47d7593a5a794131cf47
db999f63b63458bc9df04a25859bbfbb5c00ff6578e3ac8dbe436d548186890a
dce0b9ce33eb038dd3e953705de4c974ebf4d2884a9e59ad32a9e31b45b13dd2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0774324336828a2ab91eb56234c7a64dd735cb1bbd6fab5dad5f24fefcf9ffd
e23cc1a43dd8dc60b38a08b60155c51fb0488310fed020ccc34620d9411e9b33
e269f8ccf967ce2888a19df2e5fcbf60e19e441cf5bafe1e9867cbb51411448d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7955457f97ec7103af3d6d83ef277c4fd85e9c9fd6c70a76bc1ed094c0451f4
e8539f7860cb4b63d94a9c0ee4caff9646a23256282abefaf4e8e3091da18943
eaffc2f0175c9cd8206760c4e366e038b445340dac2f25af8222e6a14b7d227e
ecb398436c86ab37cc160393a3b9bfe55101ece554d90ec6cd1011a36a887931
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f163f0772bb58d923f0cb54a475889a2aed77812b15ebe1b4ba45b1035a83c23
f22fffb87283ca01e5b684cbc67e1c4c1efca999497a651656535bfac72cbefc
f399de4feb9c9439a01c6ea7b9f44e4e4cca8024f445fdf38a5a10fccb2770e2
f3da90ea214977d6f31707a840050f1202311b8bb7cf641d7801df38b66a6521
f46d0c5e298b4c56b6eaeee959152285fa046dbb3adac56f0aa51984bfe76acb
f5927979f68f2197212e23c9eb1c8016172e99dbfb1e6f3398c9f0653d909256
f6f90ec05de17ce973e5361c3f2b54feab5913f4e1f08279c23ed881c98d53af
f7203f501fde8d9973e357460774799e1e0739e6546e9ce16dffc2f64462e356
f8f67ca4cf83c4fe8cdaa7eb3202e5578b1df1fc72f6fb22dfe00dba35142f47
f94ff3c33c8b835ffb4486901ff1ab168c383e39551449b924abf15a80cc2ec9
fc026dd0aadc6d2501050f5792c481769250d07a704d49a123bf6ba886197d70
fed8f50f01de90a208655afae34306f355cd98c8732525c077178d218f78e610
feda67648acd203488c2c74a84f52bef7a05a3154a00cb2fbc94c62d559afb46

22bets.co Open in urlscan Pro 178.253.20.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

223 Requests

100 %HTTPS

19 %IPv6

76 Domains

89 Subdomains

66 IPs

11 Countries

4888 kBTransfer

12927 kBSize

21 Cookies

4 Outgoing links

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

22bets.co Open in urlscan Pro
178.253.20.139 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

100 %
HTTPS

19 %
IPv6

76
Domains

89
Subdomains

66
IPs

11
Countries

4888 kB
Transfer

12927 kB
Size

21
Cookies

223 HTTP transactions
0 data transactions