Submitted URL: https://loagoshy.net/4/5742320
Effective URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred....
Submission: On February 21 via manual from ID — Scanned from GB

Summary

This website contacted 8 IPs in 5 countries across 9 domains to perform 15 HTTP transactions. The main IP is 45.60.124.248, located in United States and belongs to INCAPSULA, US. The main domain is www.betfred.com. The Cisco Umbrella rank of the primary domain is 166770.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on December 23rd 2023. Valid for: 6 months.
This is the only time www.betfred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 139.45.197.243 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
1 3 104.85.249.241 20940 (AKAMAI-ASN1)
1 139.45.195.253 9002 (RETN-AS)
1 1 18.195.128.171 16509 (AMAZON-02)
1 1 3.10.97.14 16509 (AMAZON-02)
4 45.60.124.248 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.72.134.33 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 8
Apex Domain
Subdomains
Transfer
6 betfred.com
www.betfred.com — Cisco Umbrella Rank: 166770
content.betfred.com — Cisco Umbrella Rank: 296363
85 KB
3 ocoaksib.com
ak.ocoaksib.com — Cisco Umbrella Rank: 89440
16 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9876
995 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
1 KB
1 bfpartners.click
bfpartners.click — Cisco Umbrella Rank: 162732
3 KB
1 joyful-u.vip
track.joyful-u.vip — Cisco Umbrella Rank: 193571
615 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 36259
468 B
1 loagoshy.net
loagoshy.net — Cisco Umbrella Rank: 114201
2 KB
15 9
Domain Requested by
4 www.betfred.com www.betfred.com
3 ak.ocoaksib.com 1 redirects loagoshy.net
ak.ocoaksib.com
2 fonts.gstatic.com fonts.googleapis.com
2 content.betfred.com www.betfred.com
2 my.rtmark.net loagoshy.net
ak.ocoaksib.com
1 fonts.googleapis.com www.betfred.com
1 bfpartners.click 1 redirects
1 track.joyful-u.vip 1 redirects
1 datatechone.com ak.ocoaksib.com
1 loagoshy.net
15 10

This site contains no links.

Subject | Issuer | Validity | Valid
loagoshy.net | R3 | 2024-02-02 - 2024-05-02 | 3 months
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
ak.hetaruwg.com | R3 | 2024-02-19 - 2024-05-19 | 3 months
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-10 - 2024-12-23 | a year
imperva.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-12-23 - 2024-06-20 | 6 months
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.betfred.com | Amazon RSA 2048 M02 | 2023-10-22 - 2024-11-19 | a year
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months

This page contains 2 frames:

Primary Page: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
Frame ID: BE9A20247AA10D22308ABBE39333A7DE
Requests: 9 HTTP requests in this frame

Frame: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-2773012-0%200NNN%20RT%281708484883741%2068%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=1288001110005526783-14031671125351373&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Frame ID: D900FE35AB8CADA9EF04055E869D009E
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 20 %
Domains: 9
Subdomains: 10
IPs: 8
Countries: 5
Transfer: 134 kB
Size: 313 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://loagoshy.net/4/5742320 Page URL
  2. https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto= Page URL
  3. https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=6118780&subzone_id=108551&browserversion=121&osversion=win10&user_activity=high&bannerid=14185211&isp=british%20sky%20broadcasting%20limited&zone_type={zone_type}&request_var=5742320&survey_exit_type=not_survey&cost=0.001164&visitor_id=784005025323295412 HTTP 302
    https://bfpartners.click/o/5mu59T?site_id=109111&s2=Casino200&s2=wjq1pbobnrjgd3bv23d8gef0 HTTP 302
    https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
5742320
loagoshy.net/4/
1 KB
2 KB
Document
General
Full URL
https://loagoshy.net/4/5742320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Wed, 21 Feb 2024 03:08:02 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ak.ocoaksib.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
ed4fdd685466358ad9c4592d95ce0b89
img.gif
my.rtmark.net/
43 B
505 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008009a67afa4486e54bfee972ee8bbc
Requested by
Host: loagoshy.net
URL: https://loagoshy.net/4/5742320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:08:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://loagoshy.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
ak.ocoaksib.com/4/6118780/
33 KB
14 KB
Document
General
Full URL
https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
Requested by
Host: loagoshy.net
URL: https://loagoshy.net/4/5742320
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.85.249.241 Warsaw, Poland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-85-249-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8463f1bb7f68e29eb5d4e6adb37e7cf9f840d00e786049553c39681122c5d7bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13325
content-type
text/html; charset=utf8
date
Wed, 21 Feb 2024 03:08:02 GMT
expires
Wed, 21 Feb 2024 03:08:02 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
f72b2049083f39a783360d26cd53645f
sftouch
ak.ocoaksib.com/
2 B
539 B
Ping
General
Full URL
https://ak.ocoaksib.com/sftouch?userId=0080099b1a3f4b0aee84667dcb06cc09&z=6118780&p_rid=b7802443-b076-422a-b334-8fb57e3559c1&p_src=sf&branchId=150041&rb=rhIacFD4QPnxnIEMzTnp6-6j1CAXcecklQlRWQRIAM6WkBLWYpM5M8BxLRvnAysY5unV4CvY0bbo6mjNaONZft7niulf4RWi_X3ecHA4KP0TbU233pxLaskO_xCjlcnr3Z86S0rUoCv4twU5Ue7vf-hii1S4uouQPIRN9GuZvxECgmtVdM7D2Fz4vqmT0aZYrNeifH9e22sjN2h34tZfxaPjLOJ2lrCPXgKKOySQYena9pU8u3SOUVxUzFAA6Gp9jlTWIEpkav22bEtw5RdLkLctTUXI7Oto8r5-Rd2eFfhPf0lYc_CYSQ==
Requested by
Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.85.249.241 Warsaw, Poland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-85-249-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Wed, 21 Feb 2024 03:08:03 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
54fcaa088dea0f072d47abc5480fc9a6
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.ocoaksib.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Wed, 21 Feb 2024 03:08:03 GMT
img.gif
my.rtmark.net/
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080099b1a3f4b0aee84667dcb06cc09&z=6118780&p_rid=b7802443-b076-422a-b334-8fb57e3559c1&p_src=sf
Requested by
Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ak.ocoaksib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:08:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b7802443-b076-422a-b334-8fb57e3559c1
Requested by
Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://ak.ocoaksib.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 21 Feb 2024 03:08:03 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.ocoaksib.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request tracking
www.betfred.com/affiliate/
Redirect Chain
  • https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false
  • https://track.joyful-u.vip/e90c5688-f303-43ee-8f72-7debe5243745?zoneid=6118780&subzone_id=108551&browserversion=121&osversion=win10&user_activity=high&bannerid=14185211&isp=british%20sky%20broadcas...
  • https://bfpartners.click/o/5mu59T?site_id=109111&s2=Casino200&s2=wjq1pbobnrjgd3bv23d8gef0
  • https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
812 B
1 KB
Document
General
Full URL
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
129adbc69f4b4cc57d81a4e06c534925524438ba5571cbdcdd18ca7dd545ba7f

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ak.ocoaksib.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-length
812
content-type
text/html
x-iinfo
13-2773012-0 0NNN RT(1708484883741 68) q(0 -1 -1 0) r(0 -1) B16 U5
x-incap-sess-cookie-hdr
nG1wSF4OGUD/MDB4L+bfERNp1WUAAAAA4t5Hw6UlwzcZv6+F03XAxg==

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
1106
Content-Security-Policy
default-src 'self' ;script-src 'self' 'unsafe-inline' data: *.googleapis.com *.twitter.com *.facebook.net www.googleadservices.com www.gstatic.com www.google.com google.com google.co.uk http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io use.fontawesome.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com tagmanager.google.com maxcdn.bootstrapcdn.com cdn-images.mailchimp.com use.fontawesome.com fonts.bunny.net;img-src 'self' * data: http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.bunny.net use.fontawesome.com;connect-src 'self' fonts.googleapis.com insights.hotjar.com wss://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;frame-src 'self' www.google.com vars.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;worker-src 'self' self blob: 'unsafe-inline';
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Feb 2024 03:08:03 GMT
Location
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/#/affiliates/casino/CASINO200?&siteid=109111&referrer=&click=1004359898
Server
nginx
ious-Eye-grack-Tis-do-tempret-beene-what-withis-
www.betfred.com/
230 KB
74 KB
Script
General
Full URL
https://www.betfred.com/ious-Eye-grack-Tis-do-tempret-beene-what-withis-
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4e9b7dc6633ac978fe97017367ea24a35a42501aa7c7560da81f20374aa3a6cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:08:04 GMT
content-encoding
gzip
x-cdn
Imperva
etag
"e4cf5144"
content-type
text/javascript
x-iinfo
12-2237711-0 0CNN RT(1708484883956 55) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
75810
_Incapsula_Resource
www.betfred.com/ Frame D900
8 KB
2 KB
Document
General
Full URL
https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-2773012-0%200NNN%20RT%281708484883741%2068%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=1288001110005526783-14031671125351373&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
837c1001680be8c915c133e576efb7aeadaabb80e69b5d244c140d8fe2bde3b6

Request headers

Referer
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
2204
content-type
text/html
x-robots-tag
noindex
css2
fonts.googleapis.com/ Frame D900
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@500&family=Poppins:wght@700&display=swap
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-2773012-0%200NNN%20RT%281708484883741%2068%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=1288001110005526783-14031671125351373&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b019ece8843e7df34c340501cfe589cff54e35b281ba097704c2d8bf2cf7bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Feb 2024 03:08:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Feb 2024 03:08:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Feb 2024 03:08:04 GMT
logo-betfred.svg
content.betfred.com/landingpages/geo-block/images/ Frame D900
4 KB
4 KB
Image
General
Full URL
https://content.betfred.com/landingpages/geo-block/images/logo-betfred.svg
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-2773012-0%200NNN%20RT%281708484883741%2068%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=1288001110005526783-14031671125351373&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.134.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-134-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
347bf30aa035fdf5da57d813cbfa97bd494d9c7ba44cbe99f01320264a324bb6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:08:04 GMT
via
1.1 varnish
last-modified
Thu, 27 Apr 2023 11:38:13 GMT
server
nginx/1.18.0
age
0
etag
"644a5ea5-1081"
x-varnish
649554196
content-type
image/svg+xml
accept-ranges
bytes, bytes
content-length
4225
target-red.png
content.betfred.com/landingpages/geo-block/images/ Frame D900
2 KB
2 KB
Image
General
Full URL
https://content.betfred.com/landingpages/geo-block/images/target-red.png
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/_Incapsula_Resource?CWUDNSAI=23&xinfo=13-2773012-0%200NNN%20RT%281708484883741%2068%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U5&incident_id=1288001110005526783-14031671125351373&edet=16&cinfo=ffffffff&rpinfo=0&mth=GET
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.134.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-134-33.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
bda63c34ab0a3bb4645d43ad1f75d73cea8176c8f4a6923d9b25458a9038c216

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.betfred.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:08:04 GMT
last-modified
Thu, 27 Apr 2023 11:38:14 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"644a5ea6-815"
content-length
2069
content-type
image/png
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame D900
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@500&family=Poppins:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betfred.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 03:51:59 GMT
x-content-type-options
nosniff
age
602165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 03:51:59 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/ Frame D900
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@500&family=Poppins:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eebf14aba456b89b7e899584e076588a92e422a45b37fb5fa36ce17519a3e8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betfred.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:07:45 GMT
x-content-type-options
nosniff
age
64819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22760
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 09:07:45 GMT
ious-Eye-grack-Tis-do-tempret-beene-what-withis-
www.betfred.com/
735 B
857 B
Fetch
General
Full URL
https://www.betfred.com/ious-Eye-grack-Tis-do-tempret-beene-what-withis-?d=www.betfred.com
Requested by
Host: www.betfred.com
URL: https://www.betfred.com/ious-Eye-grack-Tis-do-tempret-beene-what-withis-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
8b50b75d158bdc542b18ec9e51c0ba93581a1f8be7317b0674dd0e8b446b6a22

Request headers

Accept
application/json; charset=utf-8
Referer
https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 21 Feb 2024 03:08:03 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
12-2237711-2237769 NNYN CT(3 3 0) RT(1708484883956 407) q(0 0 0 -1) r(0 1) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=101.392269

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| a1_0x1092
function| a1_0x21cc
object| reese84
function| reese84interrogator
function| initializeProtection
function| protectionSubmitCaptcha

16 Cookies

Domain/Path Name / Value
loagoshy.net/ Name: OAID
Value: 008009a67afa4486e54bfee972ee8bbc
loagoshy.net/ Name: oaidts
Value: 1708484882
my.rtmark.net/ Name: ID
Value: 008009a67afa4486e54bfee972ee8bbc
ak.ocoaksib.com/ Name: oaidts
Value: 1708484882
ak.ocoaksib.com/ Name: OAID
Value: 008009a67afa4486e54bfee972ee8bbc
ak.ocoaksib.com/ Name: syncedCookie
Value: true
.track.joyful-u.vip/ Name: e90c5688-f303-43ee-8f72-7debe5243745-v4
Value: vY_ohnzQK1Qg_5leJeo53FMqyXz8QvD-azD_DBS5loo
.track.joyful-u.vip/ Name: cc-v4
bfpartners.click/ Name: XSRF-TOKEN
bfpartners.click/ Name: awa_app_session
bfpartners.click/ Name: campaign_19_lp_59_aff_101783
bfpartners.click/ Name: campaign_8
.betfred.com/ Name: visid_incap_2254385
Value: 5MP0ETDpSc6Xt6U6jDWkWxNp1WUAAAAAQUIPAAAAAAAvrIgm+VusclPeKt9aq1VJ
.betfred.com/ Name: incap_ses_1288_2254385
Value: 53q7S6kAoTz/MDB4L+bfERNp1WUAAAAA1LBBd/lzWk0c6vpoMI7Oyg==
.betfred.com/ Name: nlbi_2254385_2147483392
Value: XlkFQZbmbB2YMluIETEFhQAAAAC3lCXdD01W2yG587eHs/0u
.www.betfred.com/ Name: reese84

4 Console Messages

Source Level URL
Text
other warning URL: https://loagoshy.net/partitial/5117836/?var=5742320&ab2r=0&prfrev=false&rhd=false&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.ocoaksib.com/4/6118780/?var=5742320&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.betfred.com/affiliate/tracking?Affid=101783&Btag=a_109111b_c_d_1004359898&target=https://promotions.betfred.com/#/affiliates/casino/CASINO200?&siteid=109111&referrer=&click=1004359898
Message:
Failed to load resource: the server responded with a status of 403 ()