Submitted URL: https://bonus.betboo830.com/
Effective URL: https://bonus.betboo942.com/dev-bonus/
Submission: On October 12 via api from US — Scanned from US

Summary

This website contacted 47 IPs in 7 countries across 61 domains to perform 126 HTTP transactions. The main IP is 104.17.94.64, located in and belongs to CLOUDFLARENET, US. The main domain is bonus.betboo942.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 26th 2023. Valid for: a year.
This is the only time bonus.betboo942.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.245.173.161 16509 (AMAZON-02)
2 36 104.17.94.64 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
1 18.238.4.118 16509 (AMAZON-02)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
9 107.154.133.121 19551 (INCAPSULA)
1 4 37.157.6.232 198622 (ADFORM)
1 3 142.251.16.148 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.90 16509 (AMAZON-02)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 34.102.240.186 396982 (GOOGLE-CL...)
1 185.167.164.47 198622 (ADFORM)
1 16 185.167.164.39 198622 (ADFORM)
2 3 52.203.127.100 14618 (AMAZON-AES)
1 23.41.169.75 16625 (AKAMAI-AS)
1 8.43.72.97 26667 (RUBICONPR...)
2 2 18.194.128.214 16509 (AMAZON-02)
1 1 23.105.12.150 30633 (LEASEWEB-...)
1 2 34.200.65.202 14618 (AMAZON-AES)
1 63.251.28.234 13789 (INTERNAP-...)
2 2 35.211.178.172 19527 (GOOGLE-2)
2 141.226.124.48 200478 (TABOOLA-AS)
1 2 104.18.26.193 13335 (CLOUDFLAR...)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2 3.232.64.79 14618 (AMAZON-AES)
1 44.238.141.43 16509 (AMAZON-02)
2 2 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 3.217.186.3 14618 (AMAZON-AES)
1 4 104.96.165.30 16625 (AKAMAI-AS)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 1 34.249.120.117 16509 (AMAZON-02)
1 52.218.90.27 16509 (AMAZON-02)
4 4 15.235.15.221 16276 (OVH)
5 5 3.33.220.150 16509 (AMAZON-02)
3 3 142.251.163.155 15169 (GOOGLE)
1 54.88.241.171 14618 (AMAZON-AES)
3 4 68.67.179.155 29990 (ASN-APPNEX)
1 104.36.113.107 62713 (AS-PUBMATIC)
1 18.238.4.16 16509 (AMAZON-02)
2 3 34.237.158.211 14618 (AMAZON-AES)
2 2 52.22.152.20 14618 (AMAZON-AES)
1 1 13.224.214.30 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 23.13.208.196 16625 (AKAMAI-AS)
2 2 54.211.189.216 14618 (AMAZON-AES)
1 1 69.169.86.38 29838 (AMC)
1 69.169.85.7 29838 (AMC)
3 4 162.19.138.118 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 23.220.113.47 16625 (AKAMAI-AS)
1 1 2600:9000:20e... 16509 (AMAZON-02)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
1 46.19.11.36 51790 (SIEL)
1 3.229.224.124 14618 (AMAZON-AES)
1 2 52.223.22.214 16509 (AMAZON-02)
1 44.212.89.30 14618 (AMAZON-AES)
1 107.178.244.119 396982 (GOOGLE-CL...)
126 47
Apex Domain
Subdomains
Transfer
36 betboo942.com
bonus.betboo942.com
2 MB
20 adform.net
track.adform.net — Cisco Umbrella Rank: 4131
s2.adform.net — Cisco Umbrella Rank: 7290
c1.adform.net — Cisco Umbrella Rank: 643
dmp.adform.net — Cisco Umbrella Rank: 3616
44 KB
10 optimove.net
sdk.optimove.net — Cisco Umbrella Rank: 69378
stream-353.optimove.net
sdkuaservice.optimove.net — Cisco Umbrella Rank: 59725
realtime-353.optimove.net
26 KB
8 doubleclick.net
13148028.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
5 gstatic.com
fonts.gstatic.com
121 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
5 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 542
ib.adnxs.com — Cisco Umbrella Rank: 261
3 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3315
2 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 734
1 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 118
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 178
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
347 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
3 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
ice.360yield.com — Cisco Umbrella Rank: 2362
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
720 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14143
630 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
2 KB
2 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2959
492 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
891 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 445
818 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1189
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
1 KB
2 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1598
sync.taboola.com — Cisco Umbrella Rank: 1031
749 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
490 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3185
693 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 901
script.hotjar.com — Cisco Umbrella Rank: 1101
60 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183
30 KB
1 sojern.com
pixel.sojern.com — Cisco Umbrella Rank: 8495
156 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2433
120 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1723
109 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 29639
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
534 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
278 B
1 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 3151
420 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 2273
499 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 2109
641 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
456 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 587
643 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 27221
444 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 959
472 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 903
338 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 32266
407 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 924
633 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2048
324 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
641 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
669 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 504
655 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4701
400 B
1 seadform.net
server.seadform.net — Cisco Umbrella Rank: 37873
467 B
1 getsitecontrol.com
widgets.getsitecontrol.com — Cisco Umbrella Rank: 21276
908 B
1 betboo830.com
bonus.betboo830.com
104 B
0 e-volution.ai Failed
sync.e-volution.ai Failed
0 1dmp.io Failed
sync.1dmp.io Failed
126 61
Domain Requested by
36 bonus.betboo942.com 2 redirects bonus.betboo942.com
12 c1.adform.net 1 redirects track.adform.net
c1.adform.net
5 match.adsrvr.org 5 redirects
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
bonus.betboo942.com
5 fonts.gstatic.com fonts.googleapis.com
4 id5-sync.com 3 redirects c1.adform.net
4 dmp.adform.net c1.adform.net
4 pixel.onaudience.com 4 redirects
4 tags.bluekai.com 1 redirects c1.adform.net
4 realtime-353.optimove.net sdk.optimove.net
4 stream-353.optimove.net sdk.optimove.net
4 www.googletagmanager.com bonus.betboo942.com
www.googletagmanager.com
www.google-analytics.com
4 fonts.googleapis.com bonus.betboo942.com
3 pixel.tapad.com 3 redirects
3 a.audrte.com 2 redirects c1.adform.net
3 secure.adnxs.com 2 redirects c1.adform.net
3 cm.g.doubleclick.net 3 redirects
3 sync.crwdcntrl.net 2 redirects c1.adform.net
3 13148028.fls.doubleclick.net 1 redirects www.googletagmanager.com
13148028.fls.doubleclick.net
3 track.adform.net 1 redirects bonus.betboo942.com
s2.adform.net
2 eb2.3lift.com 1 redirects c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 2 redirects
2 eu-u.openx.net 1 redirects c1.adform.net
2 px.ads.linkedin.com 1 redirects c1.adform.net
2 idsync.rlcdn.com 2 redirects
2 ps.eyeota.net 1 redirects c1.adform.net
2 uipglob.semasio.net 1 redirects c1.adform.net
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 x.bidswitch.net 2 redirects
2 ups.analytics.yahoo.com 1 redirects c1.adform.net
2 ih.adscale.de 2 redirects
2 ad.360yield.com 1 redirects c1.adform.net
2 analytics.google.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 maxcdn.bootstrapcdn.com bonus.betboo942.com
1 pixel.sojern.com c1.adform.net
1 e1.emxdgt.com c1.adform.net
1 bpi.rtactivate.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 sync.taboola.com c1.adform.net
1 s.ad.smaato.net 1 redirects
1 sync.teads.tv c1.adform.net
1 ice.360yield.com 1 redirects
1 ib.adnxs.com 1 redirects
1 ib.mookie1.com c1.adform.net
1 global.ib-ibi.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 pippio.com 1 redirects
1 loadm.exelator.com c1.adform.net
1 sync-t1.taboola.com c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com 1 redirects
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 server.seadform.net 13148028.fls.doubleclick.net
1 s2.adform.net 13148028.fls.doubleclick.net
1 sdkuaservice.optimove.net sdk.optimove.net
1 www.google.com bonus.betboo942.com
1 adservice.google.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 sdk.optimove.net www.googletagmanager.com
1 widgets.getsitecontrol.com bonus.betboo942.com
1 static.hotjar.com www.googletagmanager.com
1 bonus.betboo830.com 1 redirects
0 sync.e-volution.ai Failed c1.adform.net
0 sync.1dmp.io Failed c1.adform.net
126 75
Subject Issuer Validity Valid
bonus.betboo942.com
Cloudflare Inc ECC CA-3
2023-09-26 -
2024-09-24
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2
2023-03-07 -
2024-04-07
a year crt.sh
*.optimove.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-05 -
2024-02-05
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-10-20 -
2023-11-09
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2023-09-17 -
2024-09-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.userreport.com
Amazon RSA 2048 M02
2023-02-22 -
2024-01-18
a year crt.sh
teads.tv
R3
2023-10-09 -
2024-01-07
3 months crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA
2023-05-29 -
2024-06-04
a year crt.sh
rtactivate.com
Amazon RSA 2048 M01
2023-03-14 -
2024-04-11
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2023-06-14 -
2024-06-14
a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-17 -
2024-02-17
a year crt.sh

This page contains 5 frames:

Primary Page: https://bonus.betboo942.com/dev-bonus/
Frame ID: 45B661EC9B3A86A4426A09B03ABB8F30
Requests: 67 HTTP requests in this frame

Frame: https://bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: B5740F22AA765EFBE5FBA4D26F4A9E3A
Requests: 2 HTTP requests in this frame

Frame: https://13148028.fls.doubleclick.net/activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Frame ID: D39BE5847FA170E4A1AD7D52DDB46336
Requests: 1 HTTP requests in this frame

Frame: https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Frame ID: 55210D037EB684C920300FC25043B682
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Frame ID: E71DBBAC3F8EDB3437792620BF664FEE
Requests: 48 HTTP requests in this frame

Screenshot

Page Title

BETBOO - ÃœYELÄ°K TEKLÄ°FÄ°

Page URL History Show full URLs

  1. https://bonus.betboo830.com/ HTTP 301
    https://bonus.betboo942.com/ Page URL
  2. http://bonus.betboo942.com/dev-bonus/ HTTP 301
    https://bonus.betboo942.com/dev-bonus/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

75 %
HTTPS

18 %
IPv6

61
Domains

75
Subdomains

47
IPs

7
Countries

2911 kB
Transfer

4228 kB
Size

94
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bonus.betboo830.com/ HTTP 301
    https://bonus.betboo942.com/ Page URL
  2. http://bonus.betboo942.com/dev-bonus/ HTTP 301
    https://bonus.betboo942.com/dev-bonus/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bonus.betboo830.com/ HTTP 301
  • https://bonus.betboo942.com/
Request Chain 43
  • https://bonus.betboo942.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Request Chain 51
  • https://track.adform.net/Serving/TrackPoint/?pm=1923849&ADFPageName=Boo_rtg&ADFdivider=| HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1923849&ADFPageName=Boo_rtg&ADFdivider=|
Request Chain 52
  • https://13148028.fls.doubleclick.net/activityi;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F HTTP 302
  • https://13148028.fls.doubleclick.net/activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Request Chain 60
  • https://adservice.google.com/ddm/fls/i/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F HTTP 302
  • https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Request Chain 78
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5769064425553103511&Expiration=1698302157 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5769064425553103511&Expiration=1698302157
Request Chain 81
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5769064425553103511&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5769064425553103511&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=320a0df649024d19b4632a5245d7c96b HTTP 307
  • https://c1.adform.net/serving/cookie/match?party=9&uid=8f02463f86c0c944c1a3ba2b41423b0fe9f98365c6943e33d7ef87807455903c
Request Chain 82
  • https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5769064425553103511&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=10&cid=9007144975453129486
Request Chain 83
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=5769064425553103511&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=5769064425553103511&_origin=1&verify=true
Request Chain 85
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5769064425553103511 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5769064425553103511 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5e9ef26-caeb-42c3-b881-b51d3f66f6ff&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 86
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5769064425553103511&expiration=1698302157 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5769064425553103511&expiration=1698302157&C=1
Request Chain 87
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5769064425553103511&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5769064425553103511&sInitiator=external
Request Chain 88
  • https://ps.eyeota.net/match?uid=5769064425553103511&bid=9gdtmu1 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=5769064425553103511&bid=9gdtmu1
Request Chain 90
  • https://idsync.rlcdn.com/398366.gif?partner_uid=5769064425553103511 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTc2OTA2NDQyNTU1MzEwMzUxMRAAGg0IzaeeqQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&rand=04503778 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&rand=04503778&expected_cookie=7b97e331-6380-4b79-8582-a4f3a1403e05
Request Chain 91
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/gdpr_consent=
Request Chain 93
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5769064425553103511 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5769064425553103511
Request Chain 94
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 95
  • https://pixel.onaudience.com/?mapped=5769064425553103511&partner=68 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=acc74d888d784a56/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f359f3002b91d76901962fef2c9b5cd0&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=0596136d-c977-4677-8a3c-912fa8e88518&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=6d467a4bf6f5102a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=bmVDS0ovSGQ5OU9HWlk1aw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJmFeAVd6f2M1X2AfQNxKI8&google_cver=1
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTc2OTA2NDQyNTU1MzEwMzUxMQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBdpxQYuyrstdgU8_RPoeNA&google_cver=1&google_ula=1641347,0
Request Chain 98
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=3204153146485111299&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=5769064425553103511
Request Chain 102
  • https://a.audrte.com/a?adform_uid=5769064425553103511 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NTgyR0RUN2NaZFBUeEdwM0xyYnRXUVA4Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 103
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5769064425553103511&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5769064425553103511&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=02432448587834511544327743371558996752&noredirect=1
Request Chain 104
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5769064425553103511 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214210604667003560671
Request Chain 105
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288957034906253451
Request Chain 107
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=57c66527-93ce-4400-8e77-4b8ad0096b18
Request Chain 108
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=JGV9dnUV1QQPiC5
Request Chain 109
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0596136d-c977-4677-8a3c-912fa8e88518
Request Chain 110
  • https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5769064425553103511 HTTP 302
  • https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=5769064425553103511
Request Chain 111
  • https://id5-sync.com/s/10/0.gif?puid=5769064425553103511 HTTP 302
  • https://id5-sync.com/c/10/10/2/1.gif?puid=5769064425553103511&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/10/2/1/2.gif?puid=3204153146485111299&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-755bMXlHO-8DsTxbs8nB8CZoCQDHeln5aocrn4wUFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/10/124/0/3.gif?puid=985ef41f-3edd-43c1-9eee-dc4ffd68a3e1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 112
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2551457767 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=z1LvQt1boN9yRJHBNcaoue
Request Chain 115
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5769064425553103511 HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=34a6f8c2a8&gdpr=0&gdpr_consent=
Request Chain 116
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5769064425553103511&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5769064425553103511&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=322a2f47-0397-4108-8bb7-ce27783fbd87%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%25253Fparty%25253D2007%252526cid%25253D322a2f47-0397-4108-8bb7-ce27783fbd87%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0596136d-c977-4677-8a3c-912fa8e88518&ttd_puid=322a2f47-0397-4108-8bb7-ce27783fbd87%2Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253D322a2f47-0397-4108-8bb7-ce27783fbd87%2C HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=322a2f47-0397-4108-8bb7-ce27783fbd87
Request Chain 119
  • https://eb2.3lift.com/xuid?mid=7354&xuid=5769064425553103511&dongle=AD20 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5769064425553103511&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bonus.betboo942.com/
Redirect Chain
  • https://bonus.betboo830.com/
  • https://bonus.betboo942.com/
1 KB
1 KB
Document
General
Full URL
https://bonus.betboo942.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=10800
cf-cache-status
HIT
cf-ray
814d5354d837daad-MIA
content-encoding
br
content-type
text/html
date
Thu, 12 Oct 2023 06:35:55 GMT
expires
Thu, 12 Oct 2023 09:35:55 GMT
last-modified
Wed, 11 Oct 2023 16:23:21 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
SJmZdkhmFZm4nlg3cukAf/lY1EeR+YHB7vAgLOJWHgGhBgACTixguTn040GffuAR3nPVGD8fhz4=
x-amz-request-id
NVP8CY2NAHHYV6JK

Redirect headers

content-length
162
content-type
text/html
date
Thu, 12 Oct 2023 06:35:54 GMT
location
https://bonus.betboo942.com/
server
nginx
x-frame-options
SAMEORIGIN
Primary Request /
bonus.betboo942.com/dev-bonus/
Redirect Chain
  • http://bonus.betboo942.com/dev-bonus/
  • https://bonus.betboo942.com/dev-bonus/
23 KB
7 KB
Document
General
Full URL
https://bonus.betboo942.com/dev-bonus/
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf057915181d79b8395bf0a213e6390bcaef72d2d931435bcdbf4c4c74fbbae

Request headers

Referer
https://bonus.betboo942.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=10800
cf-cache-status
HIT
cf-ray
814d5356c99ddaad-MIA
content-encoding
br
content-type
text/html
date
Thu, 12 Oct 2023 06:35:55 GMT
expires
Thu, 12 Oct 2023 09:35:55 GMT
last-modified
Wed, 11 Oct 2023 16:23:19 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
PDeuzxFzvELdKKA0eHJmiSeYHa4kmh82unW6F0ij6eBQ9Wd53SRRwo7fiFBA0ZTt1JUahMP43ig=
x-amz-request-id
RXBXX5A48F95RJZA

Redirect headers

CF-RAY
814d5355be4867c2-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 12 Oct 2023 06:35:55 GMT
Expires
Thu, 12 Oct 2023 07:35:55 GMT
Location
https://bonus.betboo942.com/dev-bonus/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=latin-ext
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64d668c42b4233490db9b884c795496e5b5fd6c631b9e5ab00ad92db45d15968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 06:35:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 06:35:55 GMT
css
fonts.googleapis.com/
2 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 04:36:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 06:35:55 GMT
css
fonts.googleapis.com/
2 KB
963 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:300
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbd9f9c36fef8587c0fa2ca7f121866a61d34745244ff39f37a632685cd157c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 05:48:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 06:35:55 GMT
css2
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 06:02:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Oct 2023 06:35:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
876
age
2409931
cdn-cachedat
09/04/2022 09:22:42
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1618e898199956ea0e72e576db88d8aa
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
814d5357bbf0221a-MIA
cdn-requestpullsuccess
True
betboo.css
bonus.betboo942.com/dev-bonus/css/
31 KB
6 KB
Stylesheet
General
Full URL
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55fa6f2517e65eb5d72b5be872b4b57fca1ef238f2752a0c5b49f079abb8adf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DDCVG1DZDKR9B26D
cf-polished
origSize=45913
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4qIqQCA6yxhlo0R98UkG1PCXTsxOHdP9y2cHTv7LVFi0nrWUKCy8FiFgM8iuzYdOYY/7WSVoTIo=
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 12:24:48 GMT
server
cloudflare
etag
W/"ebc435e10de55dba2dd1e4830d33a23f"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10800
cf-ray
814d53575db831d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
header.css
bonus.betboo942.com/dev-bonus/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://bonus.betboo942.com/dev-bonus/css/header.css?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c645a238c7fb71bd7430d7ae1a6ab839e2ef290c1f32c6212505be831e274825

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DDCSVV6R46GKHPA3
cf-polished
origSize=12791
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AgDvoTd/hEG/FNjRkaQEceHTR0N+i9mrE68X1TKcQ2pzDpV+zMBanl4dEAut73Hfcu/HJJrdUi4=
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 12:24:48 GMT
server
cloudflare
etag
W/"a1da05070e1400895e19845328f0284a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10800
cf-ray
814d53575db931d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
acq-full-bg.css
bonus.betboo942.com/dev-bonus/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://bonus.betboo942.com/dev-bonus/css/acq-full-bg.css?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb51bb6ac145fd17af3fc80b5f48ca3c0fef8ef208bffdde2df62be84b87d5f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DDCXG9JKFR9VJRC2
cf-polished
origSize=19175
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rlDGaLY84cXH629sQ9btShwhrB/6sRzHF2HE/zGxQd1SQpj6RK68IrY4lvIqQn+hCAXfmBuDpkI=
cf-bgj
minify
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
W/"dd1e85ae1c27b8726666bd98b854591c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10800
cf-ray
814d53575dba31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
confetti.css
bonus.betboo942.com/dev-bonus/css/
1 KB
764 B
Stylesheet
General
Full URL
https://bonus.betboo942.com/dev-bonus/css/confetti.css?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba09cf594a99e4de09f4bfa2eea0fc736b2d0848aebd896f18d9363e496d9fa0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DDCK3DK4SVNMAX6A
cf-polished
origSize=1570
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wE48hJfBKpCADBS0lCcyNjbDbL1EVPdn9n79f+ElJBbKY1Hie8fcVsLJzl7erLHFXrKFI3f1/5k=
cf-bgj
minify
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
W/"128786719b1266f725c72548aed8ee68"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10800
cf-ray
814d53575dbb31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
affiliatelanding.css
bonus.betboo942.com/
84 B
462 B
Stylesheet
General
Full URL
https://bonus.betboo942.com/affiliatelanding.css?_=202303140000
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09f1c60d0c056da4945a6b7af039034edaa1febaed4a33061a0fe779d70c324

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V178P5AGZE90GP64
age
42826
cf-polished
origSize=123
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EP56RAPREk/YknIjBpe9ir9zOntVKAv6L0JnN5VNwH1QRp9/oNrcS0tHZEM/EYJAbtposuNfJR0=
cf-bgj
minify
last-modified
Mon, 13 Mar 2023 12:58:50 GMT
server
cloudflare
etag
W/"711296fd422ecc0509bee71e3feb5fa2"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=10800
cf-ray
814d53575dbc31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
jquery-1.11.1.min.js
bonus.betboo942.com/dev-bonus/js/
94 KB
34 KB
Script
General
Full URL
https://bonus.betboo942.com/dev-bonus/js/jquery-1.11.1.min.js?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 12:06:20 GMT
server
cloudflare
x-amz-request-id
DDCYF4236AV5B6G2
etag
W/"4dc834d16a0d219d5c2b8a5b814569e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
cf-ray
814d53575dbd31d1-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rchNbh7f5lpFHS314Jtv+UEOL86SbJVcGJM8eMJFRle0c6b2vn7AHpVRW+8UqFR7aVIhf+PNrcA=
expires
Thu, 12 Oct 2023 09:35:55 GMT
player2.png
bonus.betboo942.com/dev-bonus/images/
663 KB
663 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/player2.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cb419c205fd87de61332c4736edb56ce27ffef538b89febc95905d2057b1d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCSA2XKK0E1YYNB
cf-polished
origFmt=png, origSize=1125887
content-disposition
inline; filename="player2.webp"
alt-svc
h3=":443"; ma=86400
content-length
678554
x-amz-id-2
xILWU/HMDn3ifcxGeqe5t+y1vl4U41+b+4p4FsSejFMRFa5cX7HXsV6PNovNmxSm/jRuMBegxdk=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"b33c0978f51a7e13f245381d8c1ff47d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ec531d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
player_mid.png
bonus.betboo942.com/dev-bonus/images/
48 KB
49 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/player_mid.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efc048384eafe139c37be6f208fcbeda40ce3688a7dceb19f758ba18dce4ac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCWQ39JKT79BYFF
cf-polished
origFmt=png, origSize=88922
content-disposition
inline; filename="player_mid.webp"
alt-svc
h3=":443"; ma=86400
content-length
49626
x-amz-id-2
Oy4RpKLtoheojUdRK7JvFNARfOf97h87/6txYZ71nPdn7zAyq3NL0N07nTRcSlV/rCJCIvanL7w=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"9aa31fceca131a254c377ee0afbbd36d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ec731d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
player_mid2.png
bonus.betboo942.com/dev-bonus/images/
806 KB
806 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/player_mid2.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c970dfe68f869690474f31ab8f97adab284a878c9f13a0092d60b1ae9c9188a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCQ4QBDZ8WJZZT5
cf-polished
origFmt=png, origSize=1116133
content-disposition
inline; filename="player_mid2.webp"
alt-svc
h3=":443"; ma=86400
content-length
825156
x-amz-id-2
GcKQ1mP5QN/ex+mU0QOZ4TKYFN/f2dw1RkYK8sP8X42YZiH8CbJN08DK3DU5qCLEcK0ojDKs8tY=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:20 GMT
server
cloudflare
etag
"c5851cf9fe09469aaa6713f7aa0e13a4"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ec831d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
player1.png
bonus.betboo942.com/dev-bonus/images/
415 KB
415 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/player1.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506a059f2afab5955744647180bd687206b03e32f0ad39a2bfabade78ef55d3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCZ9KZ743PMK4HK
cf-polished
origFmt=png, origSize=737815
content-disposition
inline; filename="player1.webp"
alt-svc
h3=":443"; ma=86400
content-length
424934
x-amz-id-2
5G1q8XArbYVmHtglRsmwxkOZGV7KnlZw+U32NCHDPMar8Br7SWhlrVAlBvC0A0bjj4KX+VTHx2M=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"8a79f47d439010da28f026d6cd5d67cc"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ec931d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
quote.png
bonus.betboo942.com/dev-bonus/images/
10 KB
11 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/quote.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b70eb9572cb53143349a03152aa642bec70ddec3897fd31d46fe0f6c6b5c65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCKXCP9PRRNZK1S
cf-polished
origFmt=png, origSize=17734
content-disposition
inline; filename="quote.webp"
alt-svc
h3=":443"; ma=86400
content-length
10358
x-amz-id-2
fWgUch/sho+ganLiAP+11/ipW2Se5c6Kv9C9SoaXBwVBXUsHIGuFBTINdbA1ubCO+6lpVaJvXY8=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:20 GMT
server
cloudflare
etag
"c2d6c7a58ab09208904b4d18cd8d5ca6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588eca31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
game1.jpg
bonus.betboo942.com/dev-bonus/images/
54 KB
55 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/game1.jpg
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e82c401e1295c5129146c1cfa463a89d26a6a8960cc1d1fb4a9e9c864244560

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCSN9JYRD2YQY12
cf-polished
qual=85, origFmt=jpeg, origSize=292110
content-disposition
inline; filename="game1.webp"
alt-svc
h3=":443"; ma=86400
content-length
55580
x-amz-id-2
9dy0K1j9kBVp22uWP6vS0z7JI94R/SDyHyv+4qiIxTzKpccAPT8AuCgM70M3dDdF3Pf2htbxKm4=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"9b77af21e6c5f29a390a2a14beb0ac93"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ecc31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
game2.jpg
bonus.betboo942.com/dev-bonus/images/
51 KB
51 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/game2.jpg
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9450e2cd5abf7a9eeed20d2b67a93c762b4f500cf6437b3575c13510c0872adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
CMYMPERJEV2W09MQ
cf-polished
qual=85, origFmt=jpeg, origSize=273963
content-disposition
inline; filename="game2.webp"
alt-svc
h3=":443"; ma=86400
content-length
51824
x-amz-id-2
LxzGrK5FxON8TzOpCc2msRr6cXmiV9X5cd0lbDDazK9clnqyTowcf6weTbyDjCPJy7s2ljoFQ/g=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"021abd95312c7bf8233933782a1bc598"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ecd31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
game3.jpg
bonus.betboo942.com/dev-bonus/images/
45 KB
46 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/game3.jpg
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4bfe0b7b8a45c450dca018e5b4b248de4baf469f6dda5bd3f1a37d8a73a751

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCMGAAZ0YKYXFRK
cf-polished
qual=85, origFmt=jpeg, origSize=266607
content-disposition
inline; filename="game3.webp"
alt-svc
h3=":443"; ma=86400
content-length
46550
x-amz-id-2
XHUeOFyB0QS1jwl7SAL2bWL14QCYoa0axz5s8EOasp0uJhs+jrZdjuzzNKgASQWPQOBj32dyXVU=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"62aaf6ba2bb1f4fd2bdc3e3e7be763e8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ece31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
gamcare.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
464 B
863 B
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/gamcare.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a3b15b76aae1de6e520be123b69901c237981581d94be2a33454f3cf621845

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCVZP35X02Q24Y4
cf-polished
origFmt=png, origSize=2342
content-disposition
inline; filename="gamcare.webp"
alt-svc
h3=":443"; ma=86400
content-length
464
x-amz-id-2
Dcjzip6ukdGmBlV/kb4TMR0Jqiexxfk+ONx/W0JuJfYeUJ4TwCRIKAGlT19GITqecY3Lonuuqwg=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"be95660ddd64226fae849082c629dc45"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ed031d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
age18plus.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
428 B
829 B
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/age18plus.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab24c85bf132177ffb79ed5bc63be521a159d0488c917653964ecec9b1136de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCVB39AWZC4GJ4W
cf-polished
origFmt=png, origSize=2362
content-disposition
inline; filename="age18plus.webp"
alt-svc
h3=":443"; ma=86400
content-length
428
x-amz-id-2
rm8UvLCAC1WKG5YkPKvMr/gHN2CkC0M1zHnT7KCBS5H9C7e6wmBC9CE9a8wnUtXNykS0UJSrot0=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"e1cb69e358c9abda7794f3524f542992"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ed131d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
cil_licence-grey.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
832 B
1 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/cil_licence-grey.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd8a3b3a69fe1d9aa9342aee8ae668e7986711dbdafe2260ae9eb64839e6a62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
DDCZ8CPKKXA517AW
cf-polished
origFmt=png, origSize=1732
content-disposition
inline; filename="cil_licence-grey.webp"
alt-svc
h3=":443"; ma=86400
content-length
832
x-amz-id-2
VoCmvQXOyt8cs+3zX9aJFmmt8e3S5ivfpEKnfcHWEBVODfiDrEFJn8ohqMoDx8ehtaNxIq6lRdM=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"c293a5e4d1384473002842335bb9921e"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53588ed331d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
cancel.svg
bonus.betboo942.com/dev-bonus/images/
796 B
716 B
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/cancel.svg
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235e8c5d99f869302942a3fe2865ae0cf42778cd89241c4f2cd3e7a13506babb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
x-amz-request-id
DDCX05RWQ2MNQ7TA
etag
W/"9ae18a63eee8e69430c6daa32afeef06"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=10800
cf-ray
814d53588ed431d1-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JVLOn1EYb1UR7mTb399xJOcqjkLkDdeAlKt0NVDGHgkd2BP8hh4C+9B0NRPXRHCoI9uFaHhHJ7E=
expires
Thu, 12 Oct 2023 09:35:55 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/
35 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
674, 617, 617
age
11306795
cdn-cachedat
2021-06-03 04:38:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
88ee1d72816c60003b7d4e43f706c852
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
814d53587c66221a-MIA
cdn-requestpullsuccess
True
confetti.js
bonus.betboo942.com/dev-bonus/js/
11 KB
3 KB
Script
General
Full URL
https://bonus.betboo942.com/dev-bonus/js/confetti.js?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40e849273121f22a41072190a49bf6f8270755c9fd61afeb988b4d4a0fbaa52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DDCKN9RXYDW89875
cf-polished
origSize=13440
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4zYWLx2R8h2sR0X0dLyOJ+XxZ/wTs8Bdf1SkvjePGUseygnmN5kOLYJwtmcNC1mktdIiy2UuoD8=
cf-bgj
minify
last-modified
Wed, 06 Jul 2022 12:06:20 GMT
server
cloudflare
etag
W/"23e54fb5b83345f51c6b94b8b385ed89"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
cf-ray
814d53587eb531d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
affiliatelanding.1.0.js
bonus.betboo942.com/
3 KB
1 KB
Script
General
Full URL
https://bonus.betboo942.com/affiliatelanding.1.0.js
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e863e2640d0cf7e332076e2c025979acc32b0d66ec105c12e95bbbc4d13b613f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V172VP6G53EY99ZZ
age
42825
cf-polished
origSize=3937
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uYKqZCPRD1eGOSvnW8nrsWjrb0jiuEee4pSlGOMFmIhRQkavr9BLHT1AArhbnNYfQgrMI1jwS3I=
cf-bgj
minify
last-modified
Mon, 08 May 2023 12:06:07 GMT
server
cloudflare
etag
W/"9a7eb8cdaff50015b387e9570a955eb4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
cf-ray
814d53588ebf31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
betboo-animation.js
bonus.betboo942.com/dev-bonus/js/
95 B
415 B
Script
General
Full URL
https://bonus.betboo942.com/dev-bonus/js/betboo-animation.js?_=202110051650
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adfb9f89299cfb9a950f9957bfcca50a724ead2b7a50faec019994138b60f5ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DDCRGRJV616STB19
cf-polished
origSize=448
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vqC15H1zHuyl6tba5ct9GrSBx4Xwg4C4BVnSOXuvx9Qh16RQhfdLlzMh6KIQC2N72juL3NLxrY4=
cf-bgj
minify
last-modified
Wed, 06 Jul 2022 12:06:20 GMT
server
cloudflare
etag
W/"2ec6b0df83669ad94f4e9533aee8a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
cf-ray
814d53588ec331d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
gtm.js
www.googletagmanager.com/
292 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57025f3bac717fe32a612048989b3766e262f5dd13691e8fd19b50db819246f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97334
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Oct 2023 06:35:55 GMT
stadium.jpg
bonus.betboo942.com/dev-bonus/images/
69 KB
69 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/stadium.jpg
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab935f4c99ab16a92225ea3cf8e0e4c5d8aae952a0907686f030cd6120634749

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14BYHB6WGGT5RW5
cf-polished
qual=85, origFmt=jpeg, origSize=673725
content-disposition
inline; filename="stadium.webp"
alt-svc
h3=":443"; ma=86400
content-length
70726
x-amz-id-2
2gYEJY6a5Z8X/1o9etbiFaScRGjqOtP67mPS9nUq4LPFi5VmiwxyvvPi5FDYcRMoa6DGJPC2xRw=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:20 GMT
server
cloudflare
etag
"1b7815cde70f34082158f863788f83ea"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5231d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
paykasa_gray.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
2 KB
2 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/paykasa_gray.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4b8c48d632efcf21f60b89deee10d84786ee2fb5395263a1852f72c8fdeabb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14DZ683TT1273MB
cf-polished
origFmt=png, origSize=6078
content-disposition
inline; filename="paykasa_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
1682
x-amz-id-2
Tk+ggWH5upGeimfmvdF8ZoB0loDNxbCXlTL611qDwLSN987frD5dmevzioSE5oUNBin5gnkvEeQ=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"f248f119364c8049b00fab927b1fbe77"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5531d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
visa.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
746 B
1 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/visa.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f74abe29a41e346a071b0c64f69dcdc35ce808903dd750392b137719ac0767

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14B3KYMVJWTTMNF
cf-polished
origFmt=png, origSize=2199
content-disposition
inline; filename="visa.webp"
alt-svc
h3=":443"; ma=86400
content-length
746
x-amz-id-2
+a6v7GhD6ZOcfIRqxKGWc0u0wNCdz+qeHFBB8dGZKCH0ypGpZs9ha8Av2RPGvthEakKthmDX1fE=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"4c72197cea5af6a207f66a1a70d83620"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5831d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
payz_gray.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
614 B
1014 B
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/payz_gray.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1867cb1919bffce2d18f0daeef94b52aacd96324218b7f7c13e568e54174d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14753248XTY7YTR
cf-polished
origFmt=png, origSize=2072
content-disposition
inline; filename="payz_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
614
x-amz-id-2
RPEs5uqt5XQqU1xfM0XbXumwjDq+C3UYA7euVudVQBdGabgSGe1ORMGd4DVRxCitZnAN87HD1Xo=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"9108edd713c8173a6cac92451bedf59d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5a31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
astropay_gray.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
1 KB
2 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/astropay_gray.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88abfed7273e75515f8bc5b34548a9582482f0dea62bf7f65650e4028b046312

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14FGMJ75CVK3NVX
cf-polished
origFmt=png, origSize=3067
content-disposition
inline; filename="astropay_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
1364
x-amz-id-2
OePNDKL1cqFoWXvh5Kf2iimzgmqX3E3zgiEBrXINMKOMg6cQgpLJhFHBjrbiFWvhIhxSPDnKPFQ=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"4694631d9da616c695efa0d964b5cfd8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5b31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
paykwik_gray.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
1 KB
2 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/paykwik_gray.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4631ff00a090552e5798f39d94fea2b2cf995d2b7e102543887ee4acbf8dac6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14D1DH1N6GNXFKS
cf-polished
origFmt=png, origSize=2831
content-disposition
inline; filename="paykwik_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
1164
x-amz-id-2
bp016zSNyksdNkqpTf4C0aMiUf/n8s1f+wflpE7NH87EN5IGowoEVWKnAfvIUqSpvT61dCY5buY=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"9dd5869c11f6ae47e91dbd6f052fc68d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5d31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
netent_gray.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
684 B
1 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/netent_gray.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeb9538403472bef1db0c237dce159fb9709d8f6391a7710158cd72a2000554

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V141SM1KW605XXTY
cf-polished
origFmt=png, origSize=2102
content-disposition
inline; filename="netent_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
684
x-amz-id-2
2HXc4MrUggYOkXSRuRHOxC53sT37jqY0eC6Q5D3d8NBDvzNvgokFS+iiOg0wGG/zTP84jUW1z/g=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"4e974c6a6bdc588cff4fd0c7e6b6f2a6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5e31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
evolution-gaming_gray.png
bonus.betboo942.com/dev-bonus/images/betboo-logos/
2 KB
2 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logos/evolution-gaming_gray.png
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7287185a5ef7119f84899028998d6f3fac76142952faaa29bab3ddee0469b85f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/css/betboo.css?_=202110051650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
cf-cache-status
HIT
x-amz-request-id
V14AX6GXC1BWWCEC
cf-polished
origFmt=png, origSize=3494
content-disposition
inline; filename="evolution-gaming_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
1550
x-amz-id-2
vZIOoPLGtMe6Iqtn0SjLxrExbHixmhA0nrJd4dEftrs8UrbjySL5nR51bTxEh3uHzfOwzwYvxSk=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
etag
"59c15f3fb850bcba662411f46f36d8b1"
vary
Accept
content-type
image/webp
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
814d53592f5f31d1-MIA
expires
Thu, 12 Oct 2023 09:35:55 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.betboo942.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 14:24:32 GMT
x-content-type-options
nosniff
age
144683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 14:24:32 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.betboo942.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 19:27:41 GMT
x-content-type-options
nosniff
age
126494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 19:27:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.betboo942.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 02:41:58 GMT
x-content-type-options
nosniff
age
100437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 02:41:58 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.betboo942.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 12:56:52 GMT
x-content-type-options
nosniff
age
149943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 12:56:52 GMT
KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.betboo942.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 19:27:50 GMT
x-content-type-options
nosniff
age
126485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11796
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 19:27:50 GMT
betboo-logo.svg
bonus.betboo942.com/dev-bonus/images/
3 KB
1 KB
Image
General
Full URL
https://bonus.betboo942.com/dev-bonus/images/betboo-logo.svg
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccbd1fe904b2ac7520e33f58c8f8a5e8ecb89159e81a297ac151067f18c20308

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/dev-bonus/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Jul 2022 12:06:19 GMT
server
cloudflare
x-amz-request-id
V142T5XPH09A9190
etag
W/"dbbe6bb317802f92496b07906e76a8a7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=10800
cf-ray
814d53595f7c31d1-MIA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
c2SRBROkB13il/ZUbocyjg61o5SUkQdoNGSpGl+Q4NOqOdkmBsYj64XMAPjm5HIJbRjsEfUt2+U=
expires
Thu, 12 Oct 2023 09:35:55 GMT
main.js
bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame B574
Redirect Chain
  • https://bonus.betboo942.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
7 KB
3 KB
Script
General
Full URL
https://bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H3
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b183bcda2c8c664124af622e682265d021411c3e5e807ef6bf10c67b35a6cefb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
814d535a280e31d1-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 12 Oct 2023 06:35:55 GMT
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
814d53597f8931d1-MIA
alt-svc
h3=":443"; ma=86400
814d5356c99ddaad
bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B574
0
276 B
XHR
General
Full URL
https://bonus.betboo942.com/cdn-cgi/challenge-platform/h/g/jsd/r/814d5356c99ddaad
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
br
server
cloudflare
cf-ray
814d535b18d731d1-MIA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Oct 2023 05:07:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 12 Oct 2023 07:07:24 GMT
hotjar-611755.js
static.hotjar.com/c/
11 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-611755.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-118.phl51.r.cloudfront.net
Software
/
Resource Hash
761087d8a79b58591e725bdd0d0c9cef52096be5f0d06ffa4f2525639376bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 12 Oct 2023 06:35:56 GMT
via
1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
etag
W/c0213714e91a14c6140a295a059b7b0e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
QcYq9Rz0KM9iBe4wzNiOsLrF9U-Ppg6DE8xPvSgiHSMaFtlXsjSdog==
script.js
widgets.getsitecontrol.com/193321/
52 B
908 B
Script
General
Full URL
https://widgets.getsitecontrol.com/193321/script.js
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
gzip
cdn-edgestorageid
1029
x-amz-request-id
BPPEQ5SFD75N9547
cdn-cachedat
07/28/2023 17:39:29
cdn-pullzone
44619
x-amz-id-2
kCGkaNC1JigcyrvpuEkSktIfMZBNX9+YbQgy0hpjlbIJ5OBSeXFsKGK0779swcoqHaiS1z2HQbHsv0/kxa4NyC8s7YvsIpi3
last-modified
Wed, 20 Apr 2022 12:00:31 GMT
server
BunnyCDN-IL1-1029
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"fcd7df2cdb14fde1baa376e73e4c5070"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
4596c790046d72dfc9d5894eea677073
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
sdk.optimove.net/websdk/
148 KB
24 KB
Script
General
Full URL
https://sdk.optimove.net/websdk/?tenant_id=353
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/
Resource Hash
60dac0a7826ca3137a89346473f66354ee6baf82792eaa3549f96a513459d9e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
gzip
x-cdn
Imperva
etag
W/"24f4d-ncdJqZWCoBA6hkPcK+c41kJbcHE"
content-type
text/javascript; charset=utf-8
x-iinfo
14-85235238-85222643 3CNN RT(1697092556060 30) q(0 0 0 0) r(4 4)
cache-control
max-age=3397, public, no-transform
x-incap-sess-cookie-hdr
99hJS9OcKD9KDXW92/quDcyTJ2UAAAAAQOv1mEm9sSMENbbLHlzslQ==
content-length
24105
expires
Thu, 12 Oct 2023 07:32:33 GMT
js
www.googletagmanager.com/gtag/
225 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VKWD51MEPY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a49a11bc031957ec44e2bb89ad22d0647950deca6e6b6f77937547c2d69f126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81723
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 06:35:56 GMT
js
www.googletagmanager.com/gtag/
275 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N5CN0RCTP0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef0ea2391536eda2480280ec067beae3e476d8e3ca32d39d1b79ab4a1103943e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92673
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 06:35:56 GMT
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=1923849&ADFPageName=Boo_rtg&ADFdivider=|
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1923849&ADFPageName=Boo_rtg&ADFdivider=|
35 B
518 B
Image
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1923849&ADFPageName=Boo_rtg&ADFdivider=|
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1923849&ADFPageName=Boo_rtg&ADFdivider=|
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=...
13148028.fls.doubleclick.net/ Frame D39B
Redirect Chain
  • https://13148028.fls.doubleclick.net/activityi;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;...
  • https://13148028.fls.doubleclick.net/activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uam...
561 B
494 B
Document
General
Full URL
https://13148028.fls.doubleclick.net/activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ78DVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
19ba6dfa45ca2b7737723fe917946322daff587e7c264c2de70a13032f7f2f23
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.betboo942.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
318
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 06:35:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 06:35:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13148028.fls.doubleclick.net/activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
16 B
162 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1832667942&t=pageview&_s=1&dl=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F&dr=&ul=en-us&de=UTF-8&dt=BETBOO%20-%20%C3%9CYEL%C4%B0K%20TEKL%C4%B0F%C4%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACEABBAAAACAFKC~&jid=773340369&gjid=1545187390&cid=1530986698.1697092556&tid=UA-157353424-1&_gid=623607273.1697092556&_r=1&_slc=1&gtm=45He3ab0n81NZ78DVP&cd3=1697092556104.gi6aokgc&cd5=2023-10-11T20%3A35%3A56.104-10%3A00&z=991861306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
404d2639cc4f2cb4c394c0bc13ab025a0b98b27fd777c3089f36f9bf9b66766e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1832667942&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F&dr=&ul=en-us&de=UTF-8&dt=BETBOO%20-%20%C3%9CYEL%C4%B0K%20TEKL%C4%B0F%C4%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Login%20Success&ea=undefined&el=gtm.dom&_u=4GDACEABBAAAACAFKC~&jid=&gjid=&cid=1530986698.1697092556&tid=UA-157353424-1&_gid=623607273.1697092556&gtm=45He3ab0n81NZ78DVP&z=1543296381
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Oct 2023 10:49:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71214
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
47 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VKWD51MEPY&gtm=45je3ab0&_p=1832667942&cid=1530986698.1697092556&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697092556&sct=1&seg=0&dl=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F&dt=BETBOO%20-%20%C3%9CYEL%C4%B0K%20TEKL%C4%B0F%C4%B0&en=page_view&_fv=1&_ss=1&ep.allowlinker=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VKWD51MEPY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-157353424-1&cid=1530986698.1697092556&jid=773340369&gjid=1545187390&_gid=623607273.1697092556&_u=4GBACEAABAAAACAFKC~&z=157272311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 12 Oct 2023 06:35:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
227 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5CF7D8LMC7&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c8595e108609a2c8711fc13f07152587d19b81549d0d26b69b15d3e5cc44a7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82617
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 06:35:56 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N5CN0RCTP0&gtm=45je3ab0&_p=1832667942&tt=track&cid=1530986698.1697092556&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697092556&sct=1&seg=0&dl=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F&dt=BETBOO%20-%20%C3%9CYEL%C4%B0K%20TEKL%C4%B0F%C4%B0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5CN0RCTP0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.74bc245a0e87ae22b94b.js
script.hotjar.com/
226 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.74bc245a0e87ae22b94b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-611755.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
2b48a034ec1fe1289bacaa1b718d1b803fd7973edcea86b480d2889126725b16
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
530
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56292
last-modified
Thu, 12 Oct 2023 06:26:57 GMT
etag
"a7847c76eb2087f124913bdbec7d5f06"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
wR7OZQhPeZBFqzhLjjxafLR_X6X1F2QA0Do20lba-lk0FpphoTNHFA==
dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref...
13148028.fls.doubleclick.net/ddm/fls/r/ Frame 5521
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=...
  • https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uam...
1 KB
522 B
Document
General
Full URL
https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Requested by
Host: 13148028.fls.doubleclick.net
URL: https://13148028.fls.doubleclick.net/activityi;dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
cafe /
Resource Hash
4de2b855285f9157364cbc91b1e57003a7e2809bfe708b295913f43f4da179a2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13148028.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
497
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 06:35:56 GMT
expires
Thu, 12 Oct 2023 06:35:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 06:35:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-157353424-1&cid=1530986698.1697092556&jid=773340369&_u=4GBACEAABAAAACAFKC~&z=1996474951
Requested by
Host: bonus.betboo942.com
URL: https://bonus.betboo942.com/dev-bonus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5CF7D8LMC7&gtm=45je3ab0&_p=1832667942&_gaz=1&ul=en-us&sr=1600x1200&cid=1530986698.1697092556&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F&dt=BETBOO%20-%20%C3%9CYEL%C4%B0K%20TEKL%C4%B0F%C4%B0&sid=1697092556&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_3=1697092556104.gi6aokgc&ep.ua_dimension_5=2023-10-11T20%3A35%3A56.104-10%3A00
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CF7D8LMC7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5CF7D8LMC7&cid=1530986698.1697092556&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CF7D8LMC7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
stream-353.optimove.net/ Frame
0
0
Preflight
General
Full URL
https://stream-353.optimove.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://bonus.betboo942.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 12 Oct 2023 06:35:56 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
1014-85235274-85235278 NNNN CT(1 3 0) RT(1697092556552 37) q(0 0 0 0) r(2 2) U6
x-incap-sess-cookie-hdr
uMZyIffUoHhmDXW92/quDcyTJ2UAAAAA3a+EOOGcuIuw+YAUakiXKw==
x-powered-by
Express
/
stream-353.optimove.net/ Frame
0
0
Preflight
General
Full URL
https://stream-353.optimove.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://bonus.betboo942.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 12 Oct 2023 06:35:56 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
14-85235274-85235279 NNNN CT(0 4 0) RT(1697092556552 38) q(0 0 0 3) r(2 2) U6
x-incap-sess-cookie-hdr
4Tm9c6j/oChmDXW92/quDcyTJ2UAAAAA5lNfybWMCcItXfzO5gIzKA==
x-powered-by
Express
/
sdkuaservice.optimove.net/
414 B
553 B
XHR
General
Full URL
https://sdkuaservice.optimove.net/
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.240.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.240.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1f34d704155745290850dfc22199b3af12fb1ed324f219d25ea19b628c832575

Request headers

Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=utf-8

Response headers

access-control-allow-origin
*
date
Thu, 12 Oct 2023 06:35:56 GMT
via
1.1 google
x-powered-by
Express
content-length
414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
/
stream-353.optimove.net/
49 B
468 B
Fetch
General
Full URL
https://stream-353.optimove.net/
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash
e56327d94a29f6fc5d111578ae7895df40688d9e7cda9033960570a01bd83c02

Request headers

Accept
application/json
Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Request-ID
2bf9dc76-ee6b-4f82-9c97-86fe877debb6
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
via
1.1 google
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
etag
W/"31-PrdHId4k4kgyVDbXnOVqteerRAA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-iinfo
14-85235274-85235279 PNYN RT(1697092556552 182) q(0 0 0 0) r(1 1) U6
x-incap-sess-cookie-hdr
NndVIAFCt0JmDXW92/quDcyTJ2UAAAAA0Rl9UnvGwFnvy2qxKLRhYw==
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
stream-353.optimove.net/
49 B
446 B
Fetch
General
Full URL
https://stream-353.optimove.net/
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash
04765e216f9bcb939d22348eedc8f257243fa6cd7c3a06615f18e07fb3aec973

Request headers

Accept
application/json
Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Request-ID
113709e8-463f-4bf3-8c45-9e607c068374
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
via
1.1 google
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
etag
W/"31-Epx6EWCr0mdEpcG/yjmG2K/9GDY"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-iinfo
14-85235274-85235278 PNYN RT(1697092556552 185) q(0 0 0 -1) r(1 1) U6
x-incap-sess-cookie-hdr
NZ9xBO/cXDNmDXW92/quDcyTJ2UAAAAAZUOCY+WkR4PpiSFgJC0Tng==
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame 5521
81 KB
31 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: 13148028.fls.doubleclick.net
URL: https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.47 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
en-US,en;q=0.9
Referer
https://13148028.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:56 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
reportEvent
realtime-353.optimove.net/ Frame
0
0
Preflight
General
Full URL
https://realtime-353.optimove.net/reportEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://bonus.betboo942.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 12 Oct 2023 06:35:57 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
1014-85235274-85235305 NNNN CT(2 3 0) RT(1697092556552 379) q(0 0 0 0) r(1 1) U6
x-incap-sess-cookie-hdr
ytltTWYaGiaCDXW92/quDc2TJ2UAAAAAeetfXGEfAhmtK5W40X5M7A==
x-powered-by
Express
reportEvent
realtime-353.optimove.net/
77 B
478 B
Fetch
General
Full URL
https://realtime-353.optimove.net/reportEvent
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash
14811480475c2171ce84c472a6d16a5355ce92a03e8955814fde8827e8a34d55

Request headers

Accept
application/json
Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Request-ID
a7bf88ef-974d-4271-a65b-9b56a630e6b6
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
via
1.1 google
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
x-iinfo
14-85235274-85235305 PNYN RT(1697092556552 528) q(0 0 0 0) r(1 1) U6
x-incap-sess-cookie-hdr
oD7Kb0wu9xmCDXW92/quDc2TJ2UAAAAANlj6aS4N/MxuEEaycKBo2Q==
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
X-Requested-With,Content-Type
reportEvent
realtime-353.optimove.net/ Frame
0
0
Preflight
General
Full URL
https://realtime-353.optimove.net/reportEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://bonus.betboo942.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 12 Oct 2023 06:35:57 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
1014-85235274-85235314 NNNY CT(1 5 0) RT(1697092556552 379) q(0 1 1 11) r(2 2) U6
x-incap-sess-cookie-hdr
rkSdBO02xVCCDXW92/quDc2TJ2UAAAAAhdohpY8WJFdCiDfs7D8m1A==
x-powered-by
Express
reportEvent
realtime-353.optimove.net/
77 B
434 B
Fetch
General
Full URL
https://realtime-353.optimove.net/reportEvent
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash
14811480475c2171ce84c472a6d16a5355ce92a03e8955814fde8827e8a34d55

Request headers

Accept
application/json
Referer
https://bonus.betboo942.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Request-ID
446bb3e1-51b5-4da9-a7af-6ca859321dcb
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
via
1.1 google
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
x-iinfo
14-85235274-85235314 PNYy RT(1697092556552 616) q(0 0 0 -1) r(1 1) U6
x-incap-sess-cookie-hdr
Y8f6d2kHWkaCDXW92/quDc2TJ2UAAAAAZRWREOC7IcUPkvrgED46GA==
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
X-Requested-With,Content-Type
/
track.adform.net/Serving/TrackPoint/ Frame 5521
870 B
1 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=3117555&ADFPageName=Betboo%20-%20Adform%20-%20TMRW%20-%20All%20Pages%2016196906&ADFdivider=%7C&ord=136455213483&ADFtpmode=2&loc=https%3A%2F%2F13148028.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLbW3rfy74EDFSSQgwgdzuUObA%3Bsrc%3D13148028%3Btype%3Dallpa0%3Bcat%3Dtmrw-0%3Bord%3D1812446320850%3Bauiddc%3D1745568079.1697092556%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3Bem%3Dtv.1%3B~oref%3Dhttps%253A%252F%252Fbonus.betboo942.com%252Fdev-bonus%252F&CPref=https%3A%2F%2F13148028.fls.doubleclick.net%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5c135aade27e9f25ae562c1071869b7812cea1bc6c52142b391819aedba9dc81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://13148028.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
698
expires
-1
pixels
c1.adform.net/imatch/ Frame E71D
5 KB
2 KB
Document
General
Full URL
https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Requested by
Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=3117555&ADFPageName=Betboo%20-%20Adform%20-%20TMRW%20-%20All%20Pages%2016196906&ADFdivider=%7C&ord=136455213483&ADFtpmode=2&loc=https%3A%2F%2F13148028.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLbW3rfy74EDFSSQgwgdzuUObA%3Bsrc%3D13148028%3Btype%3Dallpa0%3Bcat%3Dtmrw-0%3Bord%3D1812446320850%3Bauiddc%3D1745568079.1697092556%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3Bem%3Dtv.1%3B~oref%3Dhttps%253A%252F%252Fbonus.betboo942.com%252Fdev-bonus%252F&CPref=https%3A%2F%2F13148028.fls.doubleclick.net%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8c34db8c3a7cbce2f22dc9f6f14cccbf0e247d0dff96d0fc514a49146700a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://13148028.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Oct 2023 06:35:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
server.seadform.net/serving/cookie/sync/ Frame 5521
35 B
467 B
Image
General
Full URL
https://server.seadform.net/serving/cookie/sync/?uid=5769064425553103511&stamp=ydccgsjB6gQDvP-67D9Y4w2
Requested by
Host: 13148028.fls.doubleclick.net
URL: https://13148028.fls.doubleclick.net/ddm/fls/r/dc_pre=CLbW3rfy74EDFSSQgwgdzuUObA;src=13148028;type=allpa0;cat=tmrw-0;ord=1812446320850;auiddc=1745568079.1697092556;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;em=tv.1;~oref=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://13148028.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
plf
c1.adform.net/imatch/ Frame E71D
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ul_cb/ Frame E71D
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5769064425553103511&Expiration=1698302157
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5769064425553103511&Expiration=1698302157
43 B
422 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5769064425553103511&Expiration=1698302157
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
52.203.127.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-127-100.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 12 Oct 2023 06:35:57 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5769064425553103511&Expiration=1698302157
access-control-allow-origin
*
date
Thu, 12 Oct 2023 06:35:57 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame E71D
0
400 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.169.75 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-169-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 06:35:57 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Wed, 11 Oct 2023 06:35:57 GMT
token
token.rubiconproject.com/ Frame E71D
0
655 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame E71D
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5769064425553103511&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5769064425553103511&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=320a0df649024d19b...
  • https://c1.adform.net/serving/cookie/match?party=9&uid=8f02463f86c0c944c1a3ba2b41423b0fe9f98365c6943e33d7ef87807455903c
35 B
591 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=9&uid=8f02463f86c0c944c1a3ba2b41423b0fe9f98365c6943e33d7ef87807455903c
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=9&uid=8f02463f86c0c944c1a3ba2b41423b0fe9f98365c6943e33d7ef87807455903c
date
Thu, 12 Oct 2023 06:35:57 GMT
content-length
0
p3p
CP=NOI PSA OUR
match
c1.adform.net/serving/cookie/ Frame E71D
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5769064425553103511&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
  • https://c1.adform.net/serving/cookie/match?party=10&cid=9007144975453129486
35 B
600 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=10&cid=9007144975453129486
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=10&cid=9007144975453129486
pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
ups.analytics.yahoo.com/ups/55944/ Frame E71D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=5769064425553103511&_origin=1
  • https://ups.analytics.yahoo.com/ups/55944/sync?uid=5769064425553103511&_origin=1&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5769064425553103511&_origin=1&verify=true
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5769064425553103511&_origin=1&verify=true
date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame E71D
43 B
641 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.234 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 06:35:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1697092557614001-1169
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame E71D
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5769064425553103511
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5769064425553103511
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5e9ef26-caeb-42c3-b881-b51d3f66f6ff&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
375 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5e9ef26-caeb-42c3-b881-b51d3f66f6ff&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
59233

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b5e9ef26-caeb-42c3-b881-b51d3f66f6ff&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Thu, 12 Oct 2023 06:35:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame E71D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5769064425553103511&expiration=1698302157
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5769064425553103511&expiration=1698302157&C=1
43 B
336 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5769064425553103511&expiration=1698302157&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHZNqY8V2Hymlv3LeyqOen25ZUi784FeDf5XLeq2jS4gu2Bhu9k5JnVv1IZ3iw7WgMGsfv1d75k2KSb2QcrvywNR0%2FY9DFQlUZ2v9Dam0OrKGeDv4Xw%2FOz3rul0eRt%2B8DkToVtqZzHPa8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
814d5364f9dc25ad-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ByuPyX7pG4E%2B5T6B56SHThk3CP1%2Fz1Y3BAfkQmCC4Vj6YqJ8ax8nyPd0P7LXL3HZx2XkJVFYC9NIgSuIpzSdMg%2Fgl9d4KAo1M7M8oKfHnEzuO9xY3IvQhYiopvplIbAws%2FveIRi66s%2FJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=5769064425553103511&expiration=1698302157&C=1
cache-control
no-cache
cf-ray
814d5364997825ad-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
info2
uipglob.semasio.net/adform/1/ Frame E71D
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5769064425553103511&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5769064425553103511&sInitiator=external
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5769064425553103511&sInitiator=external
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 06:35:57 GMT
Frontend-ID
14
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 06:35:57 GMT
Frontend-ID
6
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/adform/1/info2?sType=sync&sExtCookieId=5769064425553103511&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
/
ps.eyeota.net/match/bounce/ Frame E71D
Redirect Chain
  • https://ps.eyeota.net/match?uid=5769064425553103511&bid=9gdtmu1
  • https://ps.eyeota.net/match/bounce/?uid=5769064425553103511&bid=9gdtmu1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match/bounce/?uid=5769064425553103511&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Server
3.232.64.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-64-79.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 12 Oct 2023 06:35:57 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=5769064425553103511&bid=9gdtmu1
Date
Thu, 12 Oct 2023 06:35:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
/
loadm.exelator.com/load/ Frame E71D
0
324 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.141.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-141-43.us-west-2.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
db_sync
px.ads.linkedin.com/ Frame E71D
Redirect Chain
  • https://idsync.rlcdn.com/398366.gif?partner_uid=5769064425553103511
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTc2OTA2NDQyNTU1MzEwMzUxMRAAGg0IzaeeqQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&rand=04503778
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&rand=04503778&expected_cookie=7b97e331-6380-4b79-8582-a4f3a1403e05
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&rand=04503778&expected_cookie=7b97e331-6380-4b79-8582-a4f3a1403e05
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 19ED5D9C039F44899002F8D5D15AD3E5 Ref B: MIAEDGE1910 Ref C: 2023-10-12T06:35:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHfycVH9yjGo0VaP/NsQ==

Redirect headers

date
Thu, 12 Oct 2023 06:35:57 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4ECCBEEFCB9B4DC88F92517CC9A33050 Ref B: MIAEDGE1910 Ref C: 2023-10-12T06:35:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=22f30823774cf926048929f0519c4913cc5d38c9c57fcdc315f96b9a9f4c2634791426b5417dce21&rand=04503778&expected_cookie=7b97e331-6380-4b79-8582-a4f3a1403e05
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHfycTKCj6Et+uWS327A==
gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/ Frame E71D
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/gdpr_consent=
49 B
545 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
3.217.186.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-186-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.86
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5769064425553103511/gdpr=/gdpr_consent=
cache-control
no-cache
x-server
10.40.3.190
content-length
0
expires
0
29729
tags.bluekai.com/site/ Frame E71D
62 B
430 B
Image
General
Full URL
https://tags.bluekai.com/site/29729?id=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.165.30 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-165-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 12 Oct 2023 06:35:57 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame E71D
Redirect Chain
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5769064425553103511
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5769064425553103511
43 B
171 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5769064425553103511
date
Thu, 12 Oct 2023 06:35:57 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame E71D
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Server
52.218.90.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 06:35:59 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
GMEPFD6QW56RPZHT
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
hh3Y2436dzn0duvpB+0V7ekd1bPH9lZbDiw0/YW9CbEo6/QAcyFMmEoecEA16FGfEaG/lQhhU1c=

Redirect headers

X-Error-Reason
Missing UserId
Date
Thu, 12 Oct 2023 06:35:57 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
2981
tags.bluekai.com/site/ Frame E71D
Redirect Chain
  • https://pixel.onaudience.com/?mapped=5769064425553103511&partner=68
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=acc74d888d784a56/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f359f3002b91d76901962fef2c9b5cd0&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=0596136d-c977-4677-8a3c-912fa8e88518&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=6d467a4bf6f5102a
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=bmVDS0ovSGQ5OU9HWlk1aw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJmFeAVd6f2M1X2AfQNxKI8&google_cver=1
62 B
305 B
Image
General
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJmFeAVd6f2M1X2AfQNxKI8&google_cver=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
104.96.165.30 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-165-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 12 Oct 2023 06:35:59 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJmFeAVd6f2M1X2AfQNxKI8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame E71D
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.241.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-241-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by
beacon-n011-ash-prod.krxd.net
date
Thu, 12 Oct 2023 06:35:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1697092557
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame E71D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTc2OTA2NDQyNTU1MzEwMzUxMQ
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBdpxQYuyrstdgU8_RPoeNA&google_cver=1&google_ula=1641347,0
35 B
600 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBdpxQYuyrstdgU8_RPoeNA&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBdpxQYuyrstdgU8_RPoeNA&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame E71D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=3&id=3204153146485111299&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=5769064425553103511
43 B
831 B
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=91&code=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
an-x-request-uuid
b451c993-370d-4eee-870e-0eea5fda14a9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.72; 38.132.118.72; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=5769064425553103511
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame E71D
42 B
472 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Oct 2023 06:35:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
plf
c1.adform.net/imatch/ Frame E71D
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
cs
pdw-adf.userreport.com/ Frame E71D
43 B
444 B
Image
General
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-16.phl51.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Wed, 11 Oct 2023 09:58:38 GMT
Via
1.1 94f18d69cd119572e1c08a4f8c671b16.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
PHL51-P1
Age
74240
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
oH5LcdouMyUkkFzy3plZXi19IOZ54NTsuZFReTqbZ5_5qOH0gS_vKQ==
p
a.audrte.com/ Frame E71D
Redirect Chain
  • https://a.audrte.com/a?adform_uid=5769064425553103511
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NTgyR0RUN2NaZFBUeEdwM0xyYnRXUVA4Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Server
34.237.158.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-158-211.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 06:35:58 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 12 Oct 2023 06:35:58 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame E71D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5769064425553103511&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5769064425553103511&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=02432448587834511544327743371558996752&noredirect=1
35 B
591 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=02432448587834511544327743371558996752&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

DCS
dcs-prod-va6-2-v051-082bd1bde.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BJkPxmL/QYc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://c1.adform.net/serving/cookie/match?party=1007&cid=02432448587834511544327743371558996752&noredirect=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame E71D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5769064425553103511
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214210604667003560671
35 B
591 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214210604667003560671
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
via
1.1 534fd2eebbd6707fdf4614c97949ccac.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=214210604667003560671
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
0rjOhyt_s2-sDVJs2ws-4d0wvKiWM5le00FO4aUVl4MFU7hUiPqRog==
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame E71D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288957034906253451
35 B
591 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288957034906253451
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288957034906253451
Date
Thu, 12 Oct 2023 06:35:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame E71D
62 B
359 B
Image
General
Full URL
https://tags.bluekai.com/site/33302?id=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.165.30 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-165-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 12 Oct 2023 06:35:58 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame E71D
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
  • https://c1.adform.net/serving/cookie/match?party=1066&cid=57c66527-93ce-4400-8e77-4b8ad0096b18
35 B
591 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1066&cid=57c66527-93ce-4400-8e77-4b8ad0096b18
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Date
Thu, 12 Oct 2023 06:35:58 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x25 config_version:"1969"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://c1.adform.net/serving/cookie/match?party=1066&cid=57c66527-93ce-4400-8e77-4b8ad0096b18
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 12 Oct 2023 06:35:57 GMT
match
c1.adform.net/serving/cookie/ Frame E71D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=JGV9dnUV1QQPiC5
35 B
600 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=JGV9dnUV1QQPiC5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 06:35:57 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-011ee98c7ef98b128@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=JGV9dnUV1QQPiC5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dmp.adform.net/serving/cookie/match/ Frame E71D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
  • https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0596136d-c977-4677-8a3c-912fa8e88518
35 B
591 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0596136d-c977-4677-8a3c-912fa8e88518
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=0596136d-c977-4677-8a3c-912fa8e88518
date
Thu, 12 Oct 2023 06:35:58 GMT
server
Kestrel
content-length
225
image.sbmx
ib.mookie1.com/ Frame E71D
Redirect Chain
  • https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5769064425553103511
  • https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=5769064425553103511
0
420 B
Image
General
Full URL
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
HTTP/1.1
Server
69.169.85.7 , United States, ASN29838 (AMC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2023 06:36:34 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control
no-cache
X-Server
NY14
Content-Length
0
Expires
-1

Redirect headers

Date
Thu, 12 Oct 2023 06:36:44 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=5769064425553103511
Access-Control-Allow-Origin
*
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control
private
X-Server
NY01
Content-Length
204
3.gif
id5-sync.com/cq/10/124/0/ Frame E71D
Redirect Chain
  • https://id5-sync.com/s/10/0.gif?puid=5769064425553103511
  • https://id5-sync.com/c/10/10/2/1.gif?puid=5769064425553103511&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/10/2/1/2.gif?puid=3204153146485111299&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-755bMXlHO-8DsTxbs8nB8CZoCQDHeln5aocrn4wUFA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
  • https://id5-sync.com/cq/10/124/0/3.gif?puid=985ef41f-3edd-43c1-9eee-dc4ffd68a3e1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/cq/10/124/0/3.gif?puid=985ef41f-3edd-43c1-9eee-dc4ffd68a3e1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/10/124/0/3.gif?puid=985ef41f-3edd-43c1-9eee-dc4ffd68a3e1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin
*
date
Thu, 12 Oct 2023 06:35:59 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
dmp.adform.net/serving/cookie/match/ Frame E71D
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2551457767
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=z1LvQt1boN9yRJHBNcaoue
35 B
600 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=z1LvQt1boN9yRJHBNcaoue
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
via
1.1 google
last-modified
Thu, 12 Oct 2023 06:35:58 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=z1LvQt1boN9yRJHBNcaoue
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame E71D
23 B
278 B
Image
General
Full URL
https://sync.teads.tv/um?eid=119&uid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.113.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-113-47.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 12 Oct 2023 06:35:58 GMT
pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
pixel.gif
sync.1dmp.io/ Frame E71D
0
0

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame E71D
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5769064425553103511
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=34a6f8c2a8&gdpr=0&gdpr_consent=
0
374 B
Image
General
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=34a6f8c2a8&gdpr=0&gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64582

Redirect headers

date
Thu, 12 Oct 2023 06:35:58 GMT
via
1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=34a6f8c2a8&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hDiAbuKzLPUnaylggb6W_lDJPtOW1ENYyKk7C7G95DMN0yaMHSkmGw==
match
c1.adform.net/serving/cookie/ Frame E71D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5769064425553103511&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5769064425553103511&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=322a2f47-0397-4108-8bb7-ce27783fbd87%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%2...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0596136d-c977-4677-8a3c-912fa8e88518&ttd_puid=322a2f47-0397-4108-8bb7-ce27783fbd87%2Chttps%253A%252F%252Fc1.adform.net%25...
  • https://c1.adform.net/serving/cookie/match?party=2007&cid=322a2f47-0397-4108-8bb7-ce27783fbd87
35 B
591 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=2007&cid=322a2f47-0397-4108-8bb7-ce27783fbd87
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

date
Thu, 12 Oct 2023 06:35:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://c1.adform.net/serving/cookie/match?party=2007&cid=322a2f47-0397-4108-8bb7-ce27783fbd87
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
5769064425553103511
match.contentexchange.me/adform/ Frame E71D
0
49 B
Image
General
Full URL
https://match.contentexchange.me/adform/5769064425553103511?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:59 GMT
content-length
0
server
nginx/1.16.1
/
bpi.rtactivate.com/tag/ Frame E71D
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=16974&user_id=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.224.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-224-124.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:58 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
xuid
eb2.3lift.com/ Frame E71D
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7354&xuid=5769064425553103511&dongle=AD20
  • https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5769064425553103511&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=5769064425553103511&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 12 Oct 2023 06:35:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7354&xuid=5769064425553103511&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 12 Oct 2023 06:35:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame E71D
0
0

put
e1.emxdgt.com/ Frame E71D
43 B
120 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d52&uid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.212.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-89-30.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:58 GMT
content-length
43
x-nosync
emp
content-type
image/gif
adf
pixel.sojern.com/idsync/ Frame E71D
0
156 B
Image
General
Full URL
https://pixel.sojern.com/idsync/adf?adfid=5769064425553103511
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
plf
c1.adform.net/imatch/ Frame E71D
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=5769064425553103511&agencyId=8961&advertiserId=2171861&src=tp&rnd=341002
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:35:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5CF7D8LMC7&gtm=45je3ab0&_p=1832667942&ul=en-us&sr=1600x1200&cid=1530986698.1697092556&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=2&dl=https%3A%2F%2Fbonus.betboo942.com%2Fdev-bonus%2F&dt=BETBOO%20-%20%C3%9CYEL%C4%B0K%20TEKL%C4%B0F%C4%B0&sid=1697092556&sct=1&seg=0&en=undefined&_ee=1&ep.event_category=Login%20Success&ep.event_label=gtm.dom&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CF7D8LMC7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bonus.betboo942.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 06:36:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.betboo942.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.1dmp.io
URL
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5769064425553103511
Domain
sync.e-volution.ai
URL
https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=5769064425553103511

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer function| $ function| jQuery function| countdown object| jQuery111106628038154042442 number| retina number| PI function| sqrt function| round function| random function| cos function| sin function| rAF function| cAF function| _now object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| _gscq object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| optimoveTenantConfiguration function| openTestTool object| optimoveSDK object| userIdElement undefined| UserID

94 Cookies

Domain/Path Name / Value
.bonus.betboo942.com/ Name: __cf_bm
Value: zSp6RqujX176QokKlcG0_dHMIDzD48Wjrk7LO_E3ypY-1697092555-0-AScedFKalVHtd5G6fZ/XEZOCxSqiugtnMO4XCuYx8PZzYhZAGmCaSX5HZfj/FIZm4uKvIiBvUaJsaefOXDIDnZVZNZe9An9ir7B0wR0mv1i5
.bonus.betboo942.com/ Name: cf_clearance
Value: Uk9dNS4UIv8Edfs.C.zIPSihNScwVRZvMRO2OZDAppk-1697092556-0-1-c01399ea.5b11d7f4.7a26defe-0.2.1697092556
.betboo942.com/ Name: _gcl_au
Value: 1.1.1745568079.1697092556
.betboo942.com/ Name: _gid
Value: GA1.2.623607273.1697092556
.betboo942.com/ Name: _gat_UA-157353424-1
Value: 1
.betboo942.com/ Name: _ga_VKWD51MEPY
Value: GS1.1.1697092556.1.0.1697092556.0.0.0
.betboo942.com/ Name: _ga
Value: GA1.1.1530986698.1697092556
.betboo942.com/ Name: _ga_N5CN0RCTP0
Value: GS1.1.1697092556.1.0.1697092556.0.0.0
.betboo942.com/ Name: _ga_5CF7D8LMC7
Value: GS1.2.1697092556.1.0.1697092556.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUml3VvGP7d1X7nZjW6hRfP0AulGmtRMHeFjHYClBuxSytIvoBg1QHzQSy3XPg0
.betboo942.com/ Name: _hjSessionUser_611755
Value: eyJpZCI6IjgzYTk4ZWU3LWY1OWUtNTA4OC05NjFhLTUyOTlkOWRhZDdkNyIsImNyZWF0ZWQiOjE2OTcwOTI1NTY2NzAsImV4aXN0aW5nIjpmYWxzZX0=
.betboo942.com/ Name: _hjFirstSeen
Value: 1
.betboo942.com/ Name: _hjIncludedInSessionSample_611755
Value: 0
.betboo942.com/ Name: _hjSession_611755
Value: eyJpZCI6IjQ4YzY0ZGQ2LTJjNjAtNDI4Ny04MDA2LTNjZGExOTdjMzFkZCIsImNyZWF0ZWQiOjE2OTcwOTI1NTY2NzEsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.betboo942.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5769064425553103511
.adform.net/ Name: CM
Value: 1|1
.adform.net/ Name: CM14
Value: 1697178957_1697092557_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.casalemedia.com/ Name: CMID
Value: ZSeTzUOIMqdTqGrmEi.7jQAA
.casalemedia.com/ Name: CMPS
Value: 2791
.casalemedia.com/ Name: CMPRO
Value: 2791
.360yield.com/ Name: tuuid
Value: 985ef41f-3edd-43c1-9eee-dc4ffd68a3e1
.360yield.com/ Name: tuuid_lu
Value: 1697092557
.smartadserver.com/ Name: pid
Value: 9007144975453129486
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 22:5769064425553103511
.yahoo.com/ Name: A3
Value: d=AQABBM2TJ2UCECKmwbqFTSJPmxoItMknzo8FEgEBAQHlKGUxZdxH0iMA_eMAAA&S=AQAAAsoBRTGka_RXTMg6TBoS778
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 5769064425553103511
.ads.stickyadstv.com/ Name: UID
Value: a952fa1fd1183b2414c79acff4459d25
.bidswitch.net/ Name: tuuid
Value: b5e9ef26-caeb-42c3-b881-b51d3f66f6ff
.bidswitch.net/ Name: c
Value: 1697092557
.bidswitch.net/ Name: tuuid_lu
Value: 1697092557
.analytics.yahoo.com/ Name: IDSYNC
Value: 1760~2efi
.rubiconproject.com/ Name: khaos
Value: LNMT3A6U-4-1DJX
.rubiconproject.com/ Name: audit
Value: 1|MH9HUvfvxLuQvvcTlbIA/Oxr/u6Posoxz5uV8yTl2ks8fCYmOTvXgydjo78gxruhLn2SO+zILnVCbuL7wqM7W8iEQX1ma3kMjgZhJoToAYUbLpvhJjmuU8Dvz0KJ1LZ2cCygDcYSdD/OZF4C5xzkLg==
.seadform.net/ Name: uid
Value: 5769064425553103511
.semasio.net/ Name: SEUNCY
Value: E339456E054C6D44
.openx.net/ Name: i
Value: d9d62692-9e60-4513-98f9-8a3276b23272|1697092557
.rlcdn.com/ Name: rlas3
Value: Vah6R/aXrHCGi/MS3Vhiz+CMquFu0OICAE7Zj1VwPmY=
.rlcdn.com/ Name: pxrc
Value: CM2nnqkGEgUI6AcQABIFCOhHEAA=
.eyeota.net/ Name: mako_uid
Value: 18b22995c08-619e0000010a5856
.eyeota.net/ Name: SERVERID
Value: 22614~DM
.adscale.de/ Name: uu
Value: 320a0df649024d19b4632a5245d7c96b
.adscale.de/ Name: cct
Value: 1697092557802
.taboola.com/ Name: t_gid
Value: a1fee55d-1467-484c-be2a-8b9546f6b5c5-tuctc21194d
.taboola.com/ Name: t_pt_gid
Value: a1fee55d-1467-484c-be2a-8b9546f6b5c5-tuctc21194d
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: f359f3002b91d76901962fef2c9b5cd0
.bluekai.com/ Name: bku
Value: /Ux991tEJtVJ1NTA
.pippio.com/ Name: did
Value: qm5fpNWc6KO1nfsv
.pippio.com/ Name: didts
Value: 1697092557
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CM2nnqkGEgYIgr0rEAA=
.krxd.net/ Name: _kuid_
Value: P2ZzbeSE
.onaudience.com/ Name: cookie
Value: acc74d888d784a56
.onaudience.com/ Name: done_redirects104
Value: 1
.ih.adscale.de/ Name: tu
Value: 4#2841918592#42~5769064425553103511~471414~0~0
.adnxs.com/ Name: uuid2
Value: 3204153146485111299
.onaudience.com/ Name: done_redirects147
Value: 1
.linkedin.com/ Name: li_sugr
Value: 7b97e331-6380-4b79-8582-a4f3a1403e05
.linkedin.com/ Name: bcookie
Value: "v=2&4000632f-5963-47d0-881f-2c4eb28b7931"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3017:u=1:x=1:i=1697092558:t=1697178958:v=2:sig=AQERwWrBThva3NnGux1jaFEmssD60D7H"
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5769064425553103511&KRTB&23263-5769064425553103511&KRTB&23481-5769064425553103511
.pubmatic.com/ Name: PugT
Value: 1697092557
.demdex.net/ Name: demdex
Value: 02432448587834511544327743371558996752
.audrte.com/ Name: arcki2
Value: 582GDT7cZdPTxGp3LrbtWQP8g!20220908!1697092558176!ip#38.132.118.72
.audrte.com/ Name: arcki2_adform
Value: 5769064425553103511!20220908!1697092558179
.dpm.demdex.net/ Name: dpm
Value: 02432448587834511544327743371558996752
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2C%yw49TH!]tbPl1M66+q([OUf!M#VEKN(Q5DDt[R!1wN`+5NXys8$t5e1l3If)y3KL9D3I?+Qfv80f
.audrte.com/ Name: arcki2_ddp2
Value: 582GDT7cZdPTxGp3LrbtWQP8g!20220908!1697092558307
.adsrvr.org/ Name: TDID
Value: 0596136d-c977-4677-8a3c-912fa8e88518
.agkn.com/ Name: ab
Value: 0001%3A7RRMw19ZgmBbD9WWjIheoK35m0qgyOfH
.mathtag.com/ Name: uuid
Value: 57c66527-93ce-4400-8e77-4b8ad0096b18
.w55c.net/ Name: wfivefivec
Value: JGV9dnUV1QQPiC5
.w55c.net/ Name: matchadform
Value: 5
.onaudience.com/ Name: done_redirects109
Value: 1
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: 1cyle0nmto1c5gvrltx1hey2
.weborama.fr/ Name: AFFICHE_W
Value: NamXUUrtt5U168
.adfarm1.adition.com/ Name: UserID1
Value: 7288957034906253451
.tapad.com/ Name: TapAd_TS
Value: 1697092558686
.tapad.com/ Name: TapAd_DID
Value: 322a2f47-0397-4108-8bb7-ce27783fbd87
.teads.tv/ Name: tt_viewer
Value: 093c8756-bbfb-4ef6-ba9e-5ce21fdbecec
.smaato.net/ Name: SCM
Value: 34a6f8c2a8
.smaato.net/ Name: SCMt
Value: 34a6f8c2a8
.smaato.net/ Name: SCM1001213
Value: 34a6f8c2a8
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: sbhaqfj542vzgwepv0pvftjr
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjaot_y8L2lPBAFGAEgASgCMgsI6pjin4e-pTwQBTgBWgV0YXBhZGAC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6846
.3lift.com/ Name: tluid
Value: 2921898524851701632667
.id5-sync.com/ Name: id5
Value: f69e20c7-ecf5-796e-8555-b1df09520acb#1697092558672#2
.360yield.com/ Name: um
Value: !42,WwZnI2rhUa6828abOLoQU8cFiv.Fj2rnc1dQQOVi9Z29,1698302157!79,T5CD9WoKaMt4TVA54NTqeiug6FFslGwjPn0tD0z-JVZ9pDpqHnzFTtBvnSDzAo1cRUS40CeVVGtS56YZ,1704868559
.360yield.com/ Name: umeh
Value: !42,0,1759300557,-1!79,0,1759300559,-1
.id5-sync.com/ Name: 3pi
Value: 2#1697092559007#689645707#3204153146485111299|10#1697092558808#1231858886#5769064425553103511|124#1697092559199#-596837616

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13148028.fls.doubleclick.net
a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
analytics.google.com
api.adrtx.net
beacon.krxd.net
bonus.betboo830.com
bonus.betboo942.com
bpi.rtactivate.com
c1.adform.net
cm.g.doubleclick.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
maxcdn.bootstrapcdn.com
pdw-adf.userreport.com
pippio.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
realtime-353.optimove.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
sdk.optimove.net
sdkuaservice.optimove.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
stream-353.optimove.net
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.taboola.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
widgets.getsitecontrol.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
sync.1dmp.io
sync.e-volution.ai
104.17.94.64
104.18.26.193
104.36.113.107
104.96.165.30
107.154.133.121
107.178.244.119
107.178.254.65
13.224.214.30
13.224.214.90
141.226.124.48
142.251.16.148
142.251.163.155
15.235.15.221
162.19.138.118
18.194.128.214
18.238.4.118
18.238.4.16
185.167.164.39
185.167.164.47
2001:4860:4802:32::178
2001:4860:4802:38::181
23.105.12.150
23.13.208.196
23.220.113.47
23.41.169.75
2400:52e0:1a00::1029:1
2600:9000:20ed:2e00:1b:5138:8a40:93a1
2606:4700::6812:acf
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::68
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1d::9a
2620:1ec:21::14
3.217.186.3
3.229.224.124
3.232.64.79
3.33.220.150
34.102.240.186
34.111.113.62
34.200.65.202
34.237.158.211
34.245.173.161
34.249.120.117
34.98.64.218
35.190.24.218
35.190.60.146
35.211.178.172
37.157.6.232
44.212.89.30
44.238.141.43
46.19.11.36
50.57.31.206
52.203.127.100
52.218.90.27
52.22.152.20
52.223.22.214
54.211.189.216
54.88.241.171
63.251.28.234
68.67.179.155
69.169.85.7
69.169.86.38
8.43.72.97
85.114.159.118
04765e216f9bcb939d22348eedc8f257243fa6cd7c3a06615f18e07fb3aec973
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e4b8c48d632efcf21f60b89deee10d84786ee2fb5395263a1852f72c8fdeabb
0e82c401e1295c5129146c1cfa463a89d26a6a8960cc1d1fb4a9e9c864244560
14811480475c2171ce84c472a6d16a5355ce92a03e8955814fde8827e8a34d55
16b70eb9572cb53143349a03152aa642bec70ddec3897fd31d46fe0f6c6b5c65
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
19ba6dfa45ca2b7737723fe917946322daff587e7c264c2de70a13032f7f2f23
1f34d704155745290850dfc22199b3af12fb1ed324f219d25ea19b628c832575
235e8c5d99f869302942a3fe2865ae0cf42778cd89241c4f2cd3e7a13506babb
25cb419c205fd87de61332c4736edb56ce27ffef538b89febc95905d2057b1d8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b48a034ec1fe1289bacaa1b718d1b803fd7973edcea86b480d2889126725b16
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3efc048384eafe139c37be6f208fcbeda40ce3688a7dceb19f758ba18dce4ac8
404d2639cc4f2cb4c394c0bc13ab025a0b98b27fd777c3089f36f9bf9b66766e
4ab24c85bf132177ffb79ed5bc63be521a159d0488c917653964ecec9b1136de
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de2b855285f9157364cbc91b1e57003a7e2809bfe708b295913f43f4da179a2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
506a059f2afab5955744647180bd687206b03e32f0ad39a2bfabade78ef55d3d
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57025f3bac717fe32a612048989b3766e262f5dd13691e8fd19b50db819246f4
5c135aade27e9f25ae562c1071869b7812cea1bc6c52142b391819aedba9dc81
5c8595e108609a2c8711fc13f07152587d19b81549d0d26b69b15d3e5cc44a7d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60dac0a7826ca3137a89346473f66354ee6baf82792eaa3549f96a513459d9e7
64d668c42b4233490db9b884c795496e5b5fd6c631b9e5ab00ad92db45d15968
6a49a11bc031957ec44e2bb89ad22d0647950deca6e6b6f77937547c2d69f126
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4bfe0b7b8a45c450dca018e5b4b248de4baf469f6dda5bd3f1a37d8a73a751
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
7287185a5ef7119f84899028998d6f3fac76142952faaa29bab3ddee0469b85f
761087d8a79b58591e725bdd0d0c9cef52096be5f0d06ffa4f2525639376bfc3
76f74abe29a41e346a071b0c64f69dcdc35ce808903dd750392b137719ac0767
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88abfed7273e75515f8bc5b34548a9582482f0dea62bf7f65650e4028b046312
8bd8a3b3a69fe1d9aa9342aee8ae668e7986711dbdafe2260ae9eb64839e6a62
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9450e2cd5abf7a9eeed20d2b67a93c762b4f500cf6437b3575c13510c0872adc
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8c34db8c3a7cbce2f22dc9f6f14cccbf0e247d0dff96d0fc514a49146700a02
ab935f4c99ab16a92225ea3cf8e0e4c5d8aae952a0907686f030cd6120634749
adfb9f89299cfb9a950f9957bfcca50a724ead2b7a50faec019994138b60f5ed
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b183bcda2c8c664124af622e682265d021411c3e5e807ef6bf10c67b35a6cefb
b4631ff00a090552e5798f39d94fea2b2cf995d2b7e102543887ee4acbf8dac6
ba09cf594a99e4de09f4bfa2eea0fc736b2d0848aebd896f18d9363e496d9fa0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c645a238c7fb71bd7430d7ae1a6ab839e2ef290c1f32c6212505be831e274825
c970dfe68f869690474f31ab8f97adab284a878c9f13a0092d60b1ae9c9188a4
ccbd1fe904b2ac7520e33f58c8f8a5e8ecb89159e81a297ac151067f18c20308
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d40e849273121f22a41072190a49bf6f8270755c9fd61afeb988b4d4a0fbaa52
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e09f1c60d0c056da4945a6b7af039034edaa1febaed4a33061a0fe779d70c324
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55fa6f2517e65eb5d72b5be872b4b57fca1ef238f2752a0c5b49f079abb8adf
e56327d94a29f6fc5d111578ae7895df40688d9e7cda9033960570a01bd83c02
e863e2640d0cf7e332076e2c025979acc32b0d66ec105c12e95bbbc4d13b613f
ebf057915181d79b8395bf0a213e6390bcaef72d2d931435bcdbf4c4c74fbbae
edeb9538403472bef1db0c237dce159fb9709d8f6391a7710158cd72a2000554
ef0ea2391536eda2480280ec067beae3e476d8e3ca32d39d1b79ab4a1103943e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8a3b15b76aae1de6e520be123b69901c237981581d94be2a33454f3cf621845
fb51bb6ac145fd17af3fc80b5f48ca3c0fef8ef208bffdde2df62be84b87d5f8
fbd9f9c36fef8587c0fa2ca7f121866a61d34745244ff39f37a632685cd157c5
fe1867cb1919bffce2d18f0daeef94b52aacd96324218b7f7c13e568e54174d3
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277