promo.rthsamlx.com Open in urlscan Pro
185.212.123.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promo.rthsamlx.com/
Submission: On April 06 via api (April 6th 2024, 3:54:55 pm UTC) from US — Scanned from US

Summary HTTP 39 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 39 HTTP transactions. The main IP is 185.212.123.85, located in Philippines and belongs to SUNBRIDGE-PH-AS-AP Sunbridge worldwide LTD, PH. The main domain is promo.rthsamlx.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 12th 2023. Valid for: a year.

This is the only time promo.rthsamlx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.212.123.85 185.212.123.85	132046 (SUNBRIDGE...) (SUNBRIDGE-PH-AS-AP Sunbridge worldwide LTD)
3 22	2606:4700::68... 2606:4700::6812:ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
39	6

3 185.212.123.85 (Philippines)

ASN132046 (SUNBRIDGE-PH-AS-AP Sunbridge worldwide LTD, PH)

promo.rthsamlx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6812:ce (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

txt-1-30-2.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
txt-1-51.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-1-51.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
txt-1-53.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-1-53.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-1-79.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-1-30-2.cloudswiftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cloudswiftcdn.net 3 redirects txt-1-30-2.cloudswiftcdn.net txt-1-51.cloudswiftcdn.net img-1-51.cloudswiftcdn.net txt-1-53.cloudswiftcdn.net img-1-53.cloudswiftcdn.net img-1-79.cloudswiftcdn.net img-1-30-2.cloudswiftcdn.net	289 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 159	472 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	437 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	391 B
3	rthsamlx.com promo.rthsamlx.com	8 KB
39	5

	Domain	Requested by
6	txt-1-30-2.cloudswiftcdn.net	promo.rthsamlx.com
5	analytics.google.com	www.googletagmanager.com
5	www.googletagmanager.com	promo.rthsamlx.com www.googletagmanager.com
4	stats.g.doubleclick.net	www.googletagmanager.com
4	txt-1-53.cloudswiftcdn.net	promo.rthsamlx.com
4	txt-1-51.cloudswiftcdn.net	promo.rthsamlx.com
3	img-1-79.cloudswiftcdn.net	promo.rthsamlx.com
3	img-1-53.cloudswiftcdn.net	3 redirects
3	promo.rthsamlx.com	promo.rthsamlx.com
1	img-1-30-2.cloudswiftcdn.net
1	img-1-51.cloudswiftcdn.net	promo.rthsamlx.com
39	11

This site contains links to these domains. Also see Links.

Domain
account.rthsamlx.com
www.sbobet-help.com

Subject Issuer	Validity	Valid
*.sbobet.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-12` - `2025-01-04`	a year	crt.sh
txt-1-30-2.cloudswiftcdn.net Cloudflare Inc ECC CA-3	`2023-09-28` - `2024-09-26`	a year	crt.sh
txt-1-51.cloudswiftcdn.net Cloudflare Inc ECC CA-3	`2023-09-28` - `2024-09-26`	a year	crt.sh
img-1-51.cloudswiftcdn.net Cloudflare Inc ECC CA-3	`2023-09-28` - `2024-09-26`	a year	crt.sh
txt-1-53.cloudswiftcdn.net Cloudflare Inc ECC CA-3	`2023-09-28` - `2024-09-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
img-1-30-2.cloudswiftcdn.net Cloudflare Inc ECC CA-3	`2023-09-28` - `2024-09-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://promo.rthsamlx.com/
Frame ID: CC6366AE94EE9E3E2D5CE9A83CADF385
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SBOBET | Online free betting bonus site for sports and casino

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

77 %
HTTPS

80 %
IPv6

5
Domains

11
Subdomains

6
IPs

2
Countries

734 kB
Transfer

2013 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://account.rthsamlx.com/register?lg=en-US
Title: Join Now

Search URL Search Domain Scan URL

URL: https://www.sbobet-help.com/article/12409.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.sbobet-help.com/article/11798.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://img-1-53.cloudswiftcdn.net/cdn/v2/image/za0g0m5wvt5 HTTP 302
https://img-1-79.cloudswiftcdn.net/banners/za0g0m5wvt5.webp

Request Chain 20

https://img-1-53.cloudswiftcdn.net/cdn/v2/image/vkwosjv2ugp HTTP 302
https://img-1-79.cloudswiftcdn.net/banners/vkwosjv2ugp.webp

Request Chain 21

https://img-1-53.cloudswiftcdn.net/cdn/v2/image/y1bskgippvo HTTP 302
https://img-1-79.cloudswiftcdn.net/banners/y1bskgippvo.webp

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
promo.rthsamlx.com/ 15 KB
6 KB 1755ms
830ms Document
text/html 185.212.123.85
SUNBRIDGE-PH-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.rthsamlx.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.212.123.85 , Philippines, ASN132046 (SUNBRIDGE-PH-AS-AP Sunbridge worldwide LTD, PH),

Reverse DNS

Software

Resource Hash

14630bdfd86d6f4a4635a501a75102299f8f28a0ead8959e398142d58e70a9e2

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.g.doubleclick.net *.cloudswiftcdn.net *.cdnrocket.net *.googletagmanager.com *.google-analytics.com *.hotjar.com *.hotjar.io *.google.com fonts.gstatic.com *.survicate.com *.cloudinary.com *.unsplash.com http://*.rthsamlx.com https://*.rthsamlx.com promo.sbotop.com promo.sbobet.com https://www.google.com.tw https://www.google.co.id https://www.google.co.th https://www.google.co.id https://www.google.com.vn *.sbotop.com *.speedysurfcdn.net *.rapidflarecdn.net; report-uri ;frame-ancestors 'self';

X-Frame-Options

SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 4962
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.g.doubleclick.net *.cloudswiftcdn.net *.cdnrocket.net *.googletagmanager.com *.google-analytics.com *.hotjar.com *.hotjar.io *.google.com fonts.gstatic.com *.survicate.com *.cloudinary.com *.unsplash.com http://*.rthsamlx.com https://*.rthsamlx.com promo.sbotop.com promo.sbobet.com https://www.google.com.tw https://www.google.co.id https://www.google.co.th https://www.google.co.id https://www.google.com.vn *.sbotop.com *.speedysurfcdn.net *.rapidflarecdn.net; report-uri ;frame-ancestors 'self';
Content-Type: text/html; charset=utf-8
Date: Sat, 06 Apr 2024 15:54:46 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex

GET
H2 200 grid_combine.css
txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/ 31 KB
5 KB 656ms
21ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/grid_combine.css?v=20230301

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b70642d8974dea724709b35d8756fab3cebd851de428dd00657279522d6414

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Oct 2021 01:33:00 GMT
server: cloudflare
age: 310763
etag: "06e4a6c9bc0d71:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8702f560be2a43f2-EWR
content-length: 5488
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 swiper-bundle.min.css
txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/ 10 KB
4 KB 657ms
22ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/swiper-bundle.min.css?v=20230301

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69459416021ddf9c1f272eca93ba8fd24a38d8354d092e424621fe386d60d83b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Oct 2021 01:33:00 GMT
server: cloudflare
age: 91886
etag: "06e4a6c9bc0d71:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8702f560be2c43f2-EWR
content-length: 4398
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 promotions.css
txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/ 18 KB
6 KB 661ms
27ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/promotions.css?v=20230301

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d2e5c0ed871d4c4a1549dce9d78b4c3fc2ae6007a46058dabe76e47dbb7e92

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 10 Mar 2022 03:57:04 GMT
server: cloudflare
age: 310763
etag: "0683de73234d81:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8702f560be2e43f2-EWR
content-length: 6386
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 button.css
txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/ 6 KB
2 KB 660ms
26ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-30-2.cloudswiftcdn.net/content/css/NewPromoPage/button.css?v=20230301

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbccf9ed917c3c8d615390c354226d2770a07d7cb05ca4b3bbc268417ec3dce0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 07:43:56 GMT
server: cloudflare
age: 91886
etag: "0463219c4b6d81:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8702f560be2f43f2-EWR
content-length: 1574
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 LiveChat.css
txt-1-30-2.cloudswiftcdn.net/content/css/LiveChat/ 6 KB
4 KB 653ms
19ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-30-2.cloudswiftcdn.net/content/css/LiveChat/LiveChat.css?v=20230301

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b161def91a89eeba6b3695b9eaebe7284a4544a099262d97a6511694b139fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Jul 2022 07:00:12 GMT
server: cloudflare
age: 310763
etag: "0a6a55c4f97d81:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8702f560be2843f2-EWR
content-length: 3363
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 Jquery Show response
txt-1-30-2.cloudswiftcdn.net//Scripts/ 87 KB
40 KB 1586ms
952ms Script
text/javascript 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-30-2.cloudswiftcdn.net//Scripts/Jquery?v=LYwc5OxGSW7ZpkTf7ckY3GOdqafOvzeknRc1cFb3gaI1

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Apr 2024 15:54:48 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public
x-robots-tag: noindex
cf-ray: 8702f560be3043f2-EWR
content-length: 40527
expires: Sun, 06 Apr 2025 15:54:48 GMT

GET
H2 200 simple_header_footer.css
txt-1-51.cloudswiftcdn.net/css/ 21 KB
6 KB 658ms
31ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-51.cloudswiftcdn.net/css/simple_header_footer.css?v=b20240402101618

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c75f77a8fa9dfcc0ce12e4bf900d11f0b0a77ea4528a6fc841910e14bfadc269

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.sbobet.com; img-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/; report-uri https://csp.trackittk.net/z/3693b3a4-1444-448c-93f9-abfaa546d0e0; frame-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.youtube.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://optimize.google.com; worker-src data: blob: https://dev.visualwebsiteoptimizer.com; frame-ancestors 'self' data: https://*.sbotop.com;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.sbobet.com; img-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/; report-uri https://csp.trackittk.net/z/3693b3a4-1444-448c-93f9-abfaa546d0e0; frame-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.youtube.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://optimize.google.com; worker-src data: blob: https://dev.visualwebsiteoptimizer.com; frame-ancestors 'self' data: https://*.sbotop.com;
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 10:16:18 GMT
server: cloudflare
age: 146258
etag: W/"1da84e6cd259693"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8702f560aa5a0f80-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 common.js Show response
txt-1-51.cloudswiftcdn.net/js/ 77 KB
26 KB 647ms
20ms Script
text/javascript 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-51.cloudswiftcdn.net/js/common.js?v=b20240402101753

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

337dfdaa59e513ff92e83a246a3322a0dd9dcf66779eb8614777bfa6ad5433d4

Security Headers

Name

Value

Content-Security-Policy

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.sbobet.com; img-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/; report-uri https://csp.trackittk.net/z/3693b3a4-1444-448c-93f9-abfaa546d0e0; frame-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.youtube.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://optimize.google.com; worker-src data: blob: https://dev.visualwebsiteoptimizer.com; frame-ancestors 'self' data: https://*.sbotop.com;
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 10:17:53 GMT
server: cloudflare
age: 301248
etag: W/"1da84e705c4aa90"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 8702f560aa610f80-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 SimpleHeader.js Show response
txt-1-51.cloudswiftcdn.net/js/ 4 KB
2 KB 647ms
21ms Script
text/javascript 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-51.cloudswiftcdn.net/js/SimpleHeader.js?v=b20240402101753

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f0a81c43083340fd7734533995a36b67cbeb1fa7f4cfa7022092abb485e196

Security Headers

Name

Value

Content-Security-Policy

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.sbobet.com; img-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/; report-uri https://csp.trackittk.net/z/3693b3a4-1444-448c-93f9-abfaa546d0e0; frame-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.youtube.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://optimize.google.com; worker-src data: blob: https://dev.visualwebsiteoptimizer.com; frame-ancestors 'self' data: https://*.sbotop.com;
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 10:17:53 GMT
server: cloudflare
age: 268156
etag: W/"1da84e705c59065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 8702f560aa5c0f80-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 swiper-bundle.min.js Show response
txt-1-51.cloudswiftcdn.net/lib/landing/ 80 KB
22 KB 650ms
24ms Script
text/javascript 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://txt-1-51.cloudswiftcdn.net/lib/landing/swiper-bundle.min.js?v=b20240402101618

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb0fd456cc88417defc65f45224e269160577da4ea109fd8967c6e76ddde5449

Security Headers

Name

Value

Content-Security-Policy

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.sbobet.com; img-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/; report-uri https://csp.trackittk.net/z/3693b3a4-1444-448c-93f9-abfaa546d0e0; frame-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.youtube.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://optimize.google.com; worker-src data: blob: https://dev.visualwebsiteoptimizer.com; frame-ancestors 'self' data: https://*.sbotop.com;
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 10:16:18 GMT
server: cloudflare
age: 300413
etag: W/"1da84e6cd24fbf2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 8702f560aa640f80-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 bet_logo.svg
img-1-51.cloudswiftcdn.net/img/ 3 KB
3 KB 221ms
29ms Image
image/svg+xml 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-1-51.cloudswiftcdn.net/img/bet_logo.svg?v=b20240402101618

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3553db44cb01748e5a407a9b6390d489100277a8b8590e7b766faa4f91550c1e

Security Headers

Name

Value

Content-Security-Policy

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:48 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.sbobet.com; img-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/; report-uri https://csp.trackittk.net/z/3693b3a4-1444-448c-93f9-abfaa546d0e0; frame-src data: https://localhost:* https://*.cloudswiftcdn.net https://apmcmwrew.cedexis.cc https://*.sbotop.com *.google.com *.google.com.tw https://www.googletagmanager.com http://blog.sbotop.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.sportradar.com *.sportradarserving.com *.digitru.st *.bidswitch.net *.sbotop.co.uk *.connextra.com https://dev.visualwebsiteoptimizer.com https://*.cdnrocket.net/ https://*.cloudswiftcdn.net/ https://*.speedysurfcdn.net/ https://*.rapidflarecdn.net/ https://*.lightningspeedcdn.net/ https://*.youtube.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://optimize.google.com; worker-src data: blob: https://dev.visualwebsiteoptimizer.com; frame-ancestors 'self' data: https://*.sbotop.com;
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 10:16:18 GMT
server: cloudflare
age: 85469
etag: W/"1da84e6cd25c855"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8702f5621b0e72aa-EWR
expires: Sun, 06 Apr 2025 15:54:48 GMT

GET
H2 200 grid_combine.css
txt-1-53.cloudswiftcdn.net/cdn/css/PromoPage/ 29 KB
3 KB 64ms
21ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://txt-1-53.cloudswiftcdn.net/cdn/css/PromoPage/grid_combine.css
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51e0111228656d89e3afdeac5403690518dc500c0dba8102d74e881d652f50f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 11:37:04 GMT
server: cloudflare
age: 331634
etag: W/"1da84f21596c4be"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8702f55d0ed442ad-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 swiper-bundle.min.css
txt-1-53.cloudswiftcdn.net/cdn/css/PromoPage/ 10 KB
4 KB 59ms
17ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://txt-1-53.cloudswiftcdn.net/cdn/css/PromoPage/swiper-bundle.min.css
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69459416021ddf9c1f272eca93ba8fd24a38d8354d092e424621fe386d60d83b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 11:37:04 GMT
server: cloudflare
age: 331634
etag: W/"1da84f2159697ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8702f55d0ed542ad-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 promotions.css
txt-1-53.cloudswiftcdn.net/cdn/css/PromoPage/ 20 KB
6 KB 18ms
18ms Stylesheet
text/css 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://txt-1-53.cloudswiftcdn.net/cdn/css/PromoPage/promotions.css
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb11ca6be1d477e1fa27979ba8840626e22ef4f6ad6abaefd9ba22a91e0a577

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 11:37:04 GMT
server: cloudflare
age: 331634
etag: W/"1da84f21596e0f1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8702f55d2ee842ad-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H2 200 swiper-bundle.min.js Show response
txt-1-53.cloudswiftcdn.net/cdn/js/PromoPage/ 80 KB
22 KB 23ms
23ms Script
text/javascript 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://txt-1-53.cloudswiftcdn.net/cdn/js/PromoPage/swiper-bundle.min.js
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7320194f3e9e40535c9c4f88580e226126472f5dbb042e7f87dbcb819d9fd6ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 11:37:04 GMT
server: cloudflare
age: 196418
etag: W/"1da84f215978efe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 8702f55d2eea42ad-EWR
expires: Sun, 06 Apr 2025 15:54:47 GMT

GET
H/1.1 200
OK livechat.js Show response
promo.rthsamlx.com/scripts/LiveChat/ 1 KB
993 B 277ms
277ms Script
application/javascript 185.212.123.85
SUNBRIDGE-PH-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.rthsamlx.com/scripts/LiveChat/livechat.js

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.212.123.85 , Philippines, ASN132046 (SUNBRIDGE-PH-AS-AP Sunbridge worldwide LTD, PH),

Reverse DNS

Software

Resource Hash

ef0ca23341e36f5d7bbd9e91821fb70f4562d58c2168ce40fac8db9440650803

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 06 Apr 2024 15:54:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jul 2022 08:49:02 GMT
ETag: "0d3b8b9de9cd81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 708

GET
H/1.1 200
OK utils.js Show response
promo.rthsamlx.com/scripts/ 2 KB
1 KB 274ms
274ms Script
application/javascript 185.212.123.85
SUNBRIDGE-PH-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.rthsamlx.com/scripts/utils.js

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.212.123.85 , Philippines, ASN132046 (SUNBRIDGE-PH-AS-AP Sunbridge worldwide LTD, PH),

Reverse DNS

Software

Resource Hash

0836e4664f1f5e5b4c031b6513aeb0178ec39d6472687e185eb6c2277d8b0d8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 06 Apr 2024 15:54:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Aug 2023 03:11:52 GMT
ETag: "04c6ae3b8dbd91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1144

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 378 KB
88 KB 319ms
71ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4NTRL

Requested by

Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

214c9faf9b08039ceee15b9edffe473a6fbeb018fc45940061cc4ed81ec6da2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89409
x-xss-protection: 0
last-modified: Sat, 06 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Apr 2024 15:54:49 GMT

GET
H2

200

za0g0m5wvt5.webp
img-1-79.cloudswiftcdn.net/banners/
Redirect Chain

https://img-1-53.cloudswiftcdn.net/cdn/v2/image/za0g0m5wvt5
https://img-1-79.cloudswiftcdn.net/banners/za0g0m5wvt5.webp

52 KB
52 KB

306ms
23ms

Image
image/webp

2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-1-79.cloudswiftcdn.net/banners/za0g0m5wvt5.webp
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03ba88b1e4a9f89c81885684d142b42dd10dd1d5ac550adbca5f44afb5d7da71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://promo.rthsamlx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 15:54:50 GMT
cf-cache-status: HIT
age: 77803
x-guploader-uploadid: ABPtcPo-TU4bQIVa0_FFT0OmvRxD2Wf8dxA3x9zuiREFVW8i0Op_3KORh8pdTUHad4YUqFfqGwINiNrLiA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 52842
last-modified: Tue, 05 Dec 2023 07:25:58 GMT
server: cloudflare
etag: "303d738a6a09267c2735691ef8150825"
vary: Accept-Encoding
x-goog-generation: 1701761158122722
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=T1Pibg==, md5=MD1zimoJJnwnNWke+BUIJQ==
access-control-expose-headers: *
cache-control: public,max-age=31536000
x-goog-stored-content-length: 52842
accept-ranges: bytes
cf-ray: 8702f56fbbebc448-EWR
expires: Sat, 05 Apr 2025 18:18:07 GMT

Redirect headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: http://*.sbobet.com http://*.fasttrackcdn.net http://*.cdnrocket.net http://*.sbotry.com http://*.sbotest.com https://*.sbotest.com http://*.sbotop.com http://*.sbotoptry.com http://*.sbotoptest.com https://*.sbotoptest.com http://*.localdev.net http://baihui.sbotry.com http://localhost:5000 http://baihui-a.sbotopex.com http://baihui-b.sbotopex.com https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com http://localhost:8081 http://localhost:44661;
cf-cache-status: DYNAMIC
server: cloudflare
location: https://img-1-79.cloudswiftcdn.net/banners/za0g0m5wvt5.webp
cache-control: private,max-age=86400
cf-ray: 8702f56afe6042c4-EWR
content-length: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0655e6a01cf1187aef723048c46d2d1756e761e16987146f0ac82ff4c05b7f1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

vkwosjv2ugp.webp
img-1-79.cloudswiftcdn.net/banners/
Redirect Chain

https://img-1-53.cloudswiftcdn.net/cdn/v2/image/vkwosjv2ugp
https://img-1-79.cloudswiftcdn.net/banners/vkwosjv2ugp.webp

42 KB
42 KB

491ms
34ms

Image
image/webp

2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-1-79.cloudswiftcdn.net/banners/vkwosjv2ugp.webp
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00930de6edb892d582f7b3eb556690255c42afe569580470bcfbf20d89806795

Request headers

accept-language: en-US,en;q=0.9
Referer: https://promo.rthsamlx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 15:54:50 GMT
cf-cache-status: HIT
age: 196410
x-guploader-uploadid: ABPtcPq75hwPvSq9KEd8Q-kbeY77mFVImBxFUz8EQoMrY382NEwGKBwsVndRqLqZ38PV8llmsg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 43170
last-modified: Thu, 04 Apr 2024 03:24:01 GMT
server: cloudflare
etag: "6d6c73a5566fb409a9518122d0d53540"
vary: Accept-Encoding
x-goog-generation: 1712201041106464
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=pNSrSA==, md5=bWxzpVZvtAmpUYEi0NU1QA==
access-control-expose-headers: *
cache-control: public,max-age=31536000
x-goog-stored-content-length: 43170
accept-ranges: bytes
cf-ray: 8702f56fbbe4c448-EWR
expires: Fri, 04 Apr 2025 09:21:20 GMT

Redirect headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: http://*.sbobet.com http://*.fasttrackcdn.net http://*.cdnrocket.net http://*.sbotry.com http://*.sbotest.com https://*.sbotest.com http://*.sbotop.com http://*.sbotoptry.com http://*.sbotoptest.com https://*.sbotoptest.com http://*.localdev.net http://baihui.sbotry.com http://localhost:5000 http://baihui-a.sbotopex.com http://baihui-b.sbotopex.com https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com http://localhost:8081 http://localhost:44661;
cf-cache-status: DYNAMIC
server: cloudflare
location: https://img-1-79.cloudswiftcdn.net/banners/vkwosjv2ugp.webp
cache-control: private,max-age=86400
cf-ray: 8702f56afe6242c4-EWR
content-length: 0

GET
H2

200

y1bskgippvo.webp
img-1-79.cloudswiftcdn.net/banners/
Redirect Chain

https://img-1-53.cloudswiftcdn.net/cdn/v2/image/y1bskgippvo
https://img-1-79.cloudswiftcdn.net/banners/y1bskgippvo.webp

37 KB
38 KB

1192ms
904ms

Image
image/webp

2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-1-79.cloudswiftcdn.net/banners/y1bskgippvo.webp
Requested by: Host: promo.rthsamlx.com
URL: https://promo.rthsamlx.com/
Protocol: H2
Server: 2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c1b2a47518cc1756185c10462f96c550eae86533d84082100d71c251d6ff76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://promo.rthsamlx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Apr 2024 15:54:51 GMT
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPoYiEGNZ2EDg1KYy8HGpbC7HAVx_IV60IPht0txplpBGnQVSJ-Rb5vZDswT9Qp1t73N3iQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 38230
last-modified: Sat, 06 Apr 2024 14:15:54 GMT
server: cloudflare
etag: "4b3086ff37e32f6698f9e71c6f45531f"
vary: Accept-Encoding
x-goog-generation: 1712412954222104
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=XQvtrw==, md5=SzCG/zfjL2aY+eccb0VTHw==
access-control-expose-headers: *
cache-control: public,max-age=31536000
x-goog-stored-content-length: 38230
accept-ranges: bytes
cf-ray: 8702f56fbbe9c448-EWR
expires: Sun, 06 Apr 2025 15:54:50 GMT

Redirect headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: http://*.sbobet.com http://*.fasttrackcdn.net http://*.cdnrocket.net http://*.sbotry.com http://*.sbotest.com https://*.sbotest.com http://*.sbotop.com http://*.sbotoptry.com http://*.sbotoptest.com https://*.sbotoptest.com http://*.localdev.net http://baihui.sbotry.com http://localhost:5000 http://baihui-a.sbotopex.com http://baihui-b.sbotopex.com https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com http://localhost:8081 http://localhost:44661;
cf-cache-status: DYNAMIC
server: cloudflare
location: https://img-1-79.cloudswiftcdn.net/banners/y1bskgippvo.webp
cache-control: private,max-age=86400
cf-ray: 8702f56afe6142c4-EWR
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
95 KB 59ms
58ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B36JQP0LDG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NTRL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37e101ba184fc7e144d5caacd1d03a4fde06f418048ed870acd45be50388ea1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Apr 2024 15:54:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
86 KB 37ms
36ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ECMRT9HGYM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NTRL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c58ddcf35da74216cf53f76be3a6446a0d45f20c43fb2d54c4dd2493e581726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Apr 2024 15:54:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 44ms
44ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NBZQFCV23R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NTRL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98f7eddefa1fbb19007464144a8135d0d7580554cd9e8b07d6b880cb65adb643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Apr 2024 15:54:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 39ms
38ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8C10ZJ3NTJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4NTRL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7f87e45ec71b560dc509fa60e15e7aac8c2c78af3112a47e45a9e1a29a4b95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Apr 2024 15:54:49 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 528ms
26ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8C10ZJ3NTJ&gtm=45je4430v871130304z871831593za200&_p=1712418889175&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=page_view&_fv=1&_nsi=1&_ss=1&up.uuid=BSI&up.brand=SBOBET&up.currency=BSI&up.type=BSI&up.identify=BSI&up.webmode=Desktop&tfd=4299
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C10ZJ3NTJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 530ms
28ms Ping
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8C10ZJ3NTJ&cid=1468734601.1712418890&gtm=45je4430v871130304z871831593za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C10ZJ3NTJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 486ms
26ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ECMRT9HGYM&gtm=45je4430v871128927z871831593za200&_p=1712418889175&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=page_view&_fv=1&_ss=1&up.uuid=BSI&up.brand=SBOBET&up.currency=BSI&up.type=BSI&up.identify=BSI&up.webmode=Desktop&tfd=4341
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECMRT9HGYM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 489ms
28ms Ping
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ECMRT9HGYM&cid=1468734601.1712418890&gtm=45je4430v871128927z871831593za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECMRT9HGYM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 460ms
27ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NBZQFCV23R&gtm=45je4430v871128975z871831593za200&_p=1712418889175&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&uid=BSI&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=page_view&_fv=1&_ss=1&up.uuid=BSI&up.brand=SBOBET&up.currency=BSI&up.type=BSI&up.identify=BSI&up.webmode=Desktop&tfd=4368
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBZQFCV23R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 462ms
29ms Ping
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NBZQFCV23R&cid=1468734601.1712418890&gtm=45je4430v871128975z871831593za200&aip=1&uid=BSI&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NBZQFCV23R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 420ms
27ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B36JQP0LDG&gtm=45je4430v887802947z871831593za200&_p=1712418889175&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=page_view&_fv=1&_ss=1&ep.product=Promotion&ep.projectname=SR&up.uuid=BSI&up.brand=SBOBET&up.currency=BSI&up.type=BSI&up.identify=BSI&tfd=4408
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B36JQP0LDG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 421ms
29ms Ping
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B36JQP0LDG&cid=1468734601.1712418890&gtm=45je4430v887802947z871831593za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B36JQP0LDG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 25ms
25ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B36JQP0LDG&gtm=45je4430v887802947za200&_p=1712418889175&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EEA&_s=2&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=scroll&ep.product=Promotion&ep.projectname=SR&epn.percent_scrolled=90&_et=7&tfd=4849
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B36JQP0LDG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 15:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.rthsamlx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
img-1-30-2.cloudswiftcdn.net/ 2 KB
1 KB 467ms
19ms Other
image/x-icon 2606:4700::6812:ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-1-30-2.cloudswiftcdn.net/favicon.ico?v=20240303b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b4b08d28874f2b5dc64f7b256ea8ad63d7903bac4ceb92fd6337846216e0ae2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://promo.rthsamlx.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 15:54:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 09:16:11 GMT
server: cloudflare
age: 91886
etag: W/"80ffeff72840d81:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=31536000
cf-ray: 8702f572e93d8c30-EWR
expires: Sun, 06 Apr 2025 15:54:50 GMT

POST collect
analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-8C10ZJ3NTJ&gtm=45je4430v871130304z871831593za200&_p=1712418889175&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=B2B_SBOBET_PV&ep.product=Promotion&ep.projectname=SR&ep.webmode=Desktop&_et=3&tfd=9305

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-ECMRT9HGYM&gtm=45je4430v871128927z871831593za200&_p=1712418889175&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=B2C_SBOBET_PV&ep.product=Promotion&ep.projectname=SR&ep.webmode=Desktop&_et=3&tfd=9345

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-NBZQFCV23R&gtm=45je4430v871128975z871831593za200&_p=1712418889175&gcd=13l3l3l3l1&npa=0&dma=0&cid=1468734601.1712418890&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&uid=BSI&sid=1712418889&sct=1&seg=0&dl=https%3A%2F%2Fpromo.rthsamlx.com%2F&dt=SBOBET%20%7C%20Online%20free%20betting%20bonus%20site%20for%20sports%20and%20casino&en=B2C_ASI_PV&ep.product=Promotion&ep.projectname=SR&ep.webmode=Desktop&_et=4&tfd=9374

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
promo.rthsamlx.com/	1969-12-31 23:59:59	Name: onsf Value: !8h5Z0j5xl+WpYcygnjwthbnQp9/BFy8fM2KmQNcIZM1lZJJf4YYFkI50tbYaG6gaLlt3Tp7QLcmDZJY=
.rthsamlx.com/	1970-01-21 05:16:18	Name: _ga Value: GA1.1.1468734601.1712418890
.rthsamlx.com/	1970-01-21 05:16:18	Name: _ga_8C10ZJ3NTJ Value: GS1.1.1712418889.1.0.1712418889.60.0.0
.rthsamlx.com/	1970-01-21 05:16:18	Name: _ga_ECMRT9HGYM Value: GS1.1.1712418889.1.0.1712418889.60.0.0
.rthsamlx.com/	1970-01-21 05:16:18	Name: _ga_NBZQFCV23R Value: GS1.1.1712418889.1.0.1712418889.60.0.0
.rthsamlx.com/	1970-01-21 05:16:18	Name: _ga_B36JQP0LDG Value: GS1.1.1712418889.1.0.1712418890.59.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .g.doubleclick.net .cloudswiftcdn.net .cdnrocket.net .googletagmanager.com .google-analytics.com .hotjar.com .hotjar.io .google.com fonts.gstatic.com .survicate.com .cloudinary.com .unsplash.com http://.rthsamlx.com https://.rthsamlx.com promo.sbotop.com promo.sbobet.com https://www.google.com.tw https://www.google.co.id https://www.google.co.th https://www.google.co.id https://www.google.com.vn .sbotop.com .speedysurfcdn.net .rapidflarecdn.net; report-uri ;frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Header

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
img-1-30-2.cloudswiftcdn.net
img-1-51.cloudswiftcdn.net
img-1-53.cloudswiftcdn.net
img-1-79.cloudswiftcdn.net
promo.rthsamlx.com
stats.g.doubleclick.net
txt-1-30-2.cloudswiftcdn.net
txt-1-51.cloudswiftcdn.net
txt-1-53.cloudswiftcdn.net
www.googletagmanager.com
analytics.google.com
185.212.123.85
2606:4700::6812:ce
2607:f8b0:4004:c17::66
2607:f8b0:4004:c19::61
2607:f8b0:4004:c19::9b
00930de6edb892d582f7b3eb556690255c42afe569580470bcfbf20d89806795
03ba88b1e4a9f89c81885684d142b42dd10dd1d5ac550adbca5f44afb5d7da71
0836e4664f1f5e5b4c031b6513aeb0178ec39d6472687e185eb6c2277d8b0d8a
14630bdfd86d6f4a4635a501a75102299f8f28a0ead8959e398142d58e70a9e2
214c9faf9b08039ceee15b9edffe473a6fbeb018fc45940061cc4ed81ec6da2f
23f0a81c43083340fd7734533995a36b67cbeb1fa7f4cfa7022092abb485e196
337dfdaa59e513ff92e83a246a3322a0dd9dcf66779eb8614777bfa6ad5433d4
3553db44cb01748e5a407a9b6390d489100277a8b8590e7b766faa4f91550c1e
37e101ba184fc7e144d5caacd1d03a4fde06f418048ed870acd45be50388ea1c
41d2e5c0ed871d4c4a1549dce9d78b4c3fc2ae6007a46058dabe76e47dbb7e92
5b4b08d28874f2b5dc64f7b256ea8ad63d7903bac4ceb92fd6337846216e0ae2
5eb11ca6be1d477e1fa27979ba8840626e22ef4f6ad6abaefd9ba22a91e0a577
69459416021ddf9c1f272eca93ba8fd24a38d8354d092e424621fe386d60d83b
7320194f3e9e40535c9c4f88580e226126472f5dbb042e7f87dbcb819d9fd6ba
75b161def91a89eeba6b3695b9eaebe7284a4544a099262d97a6511694b139fd
90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5
98f7eddefa1fbb19007464144a8135d0d7580554cd9e8b07d6b880cb65adb643
9c58ddcf35da74216cf53f76be3a6446a0d45f20c43fb2d54c4dd2493e581726
c0655e6a01cf1187aef723048c46d2d1756e761e16987146f0ac82ff4c05b7f1
c75f77a8fa9dfcc0ce12e4bf900d11f0b0a77ea4528a6fc841910e14bfadc269
cb0fd456cc88417defc65f45224e269160577da4ea109fd8967c6e76ddde5449
d7f87e45ec71b560dc509fa60e15e7aac8c2c78af3112a47e45a9e1a29a4b95f
dbccf9ed917c3c8d615390c354226d2770a07d7cb05ca4b3bbc268417ec3dce0
e0c1b2a47518cc1756185c10462f96c550eae86533d84082100d71c251d6ff76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51e0111228656d89e3afdeac5403690518dc500c0dba8102d74e881d652f50f
ef0ca23341e36f5d7bbd9e91821fb70f4562d58c2168ce40fac8db9440650803
f7b70642d8974dea724709b35d8756fab3cebd851de428dd00657279522d6414

promo.rthsamlx.com Open in urlscan Pro 185.212.123.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

77 %HTTPS

80 %IPv6

5 Domains

11 Subdomains

6 IPs

2 Countries

734 kBTransfer

2013 kBSize

6 Cookies

3 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.rthsamlx.com Open in urlscan Pro
185.212.123.85 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

77 %
HTTPS

80 %
IPv6

5
Domains

11
Subdomains

6
IPs

2
Countries

734 kB
Transfer

2013 kB
Size

6
Cookies

39 HTTP transactions
1 data transactions