bet365.id.uptodown.com Open in urlscan Pro
151.101.131.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bet365.id.uptodown.com/
Effective URL:
https://bet365.id.uptodown.com/android
Submission: On December 06 via api (December 6th 2024, 5:33:34 pm UTC) from US — Scanned from US

Summary HTTP 166 Redirects Links 81 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 39 domains to perform 166 HTTP transactions. The main IP is 151.101.131.52, located in San Francisco, United States and belongs to FASTLY, US. The main domain is bet365.id.uptodown.com.
TLS certificate: Issued by Certainly Intermediate R1 on November 22nd 2024. Valid for: a month.

This is the only time bet365.id.uptodown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
33	151.101.67.52 151.101.67.52	54113 (FASTLY) (FASTLY)
1	188.226.136.4 188.226.136.4	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2607:f8b0:400... 2607:f8b0:4004:c09::71	15169 (GOOGLE) (GOOGLE)
5	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c21::61	15169 (GOOGLE) (GOOGLE)
2	172.67.69.203 172.67.69.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:19ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.63.148 172.253.63.148	15169 (GOOGLE) (GOOGLE)
23	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::66	15169 (GOOGLE) (GOOGLE)
3	108.138.112.90 108.138.112.90	16509 (AMAZON-02) (AMAZON-02)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.18.29.101 104.18.29.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
2	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4004:c21::84	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2607:f8b0:400... 2607:f8b0:4004:c0b::84	15169 (GOOGLE) (GOOGLE)
1	52.54.3.156 52.54.3.156	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
7	142.251.35.174 142.251.35.174	15169 (GOOGLE) (GOOGLE)
9	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	108.138.106.56 108.138.106.56	16509 (AMAZON-02) (AMAZON-02)
1	23.203.179.38 23.203.179.38	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.167.105 142.251.167.105	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
8 11	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
1	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
1 12	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.32.35.154 52.32.35.154	16509 (AMAZON-02) (AMAZON-02)
3 3	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	207.65.37.184 207.65.37.184	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1 1	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
2 2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	27630 (AS-XFERNET) (AS-XFERNET)
2 2	54.208.65.79 54.208.65.79	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1 1	34.196.74.196 34.196.74.196	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.44.170.186 52.44.170.186	14618 (AMAZON-AES) (AMAZON-AES)
2 2	44.193.32.222 44.193.32.222	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
166	48

5 151.101.131.52 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

bet365.id.uptodown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.uptodown.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.67.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

stc.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.226.136.4 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

geo.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::71 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.3.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.203 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.ssm.codes	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssm.codes	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:19ba (United States)

ASN13335 (CLOUDFLARENET, US)

bt.dns-finder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.112.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-112-90.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::84 (Washington, United States)

ASN15169 (GOOGLE, US)

a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c0b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.3.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-3-156.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.35.174 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-56.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.179.38 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-179-38.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.167.105 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)

d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.19.138.116 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:545 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.32.35.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-35-154.us-west-2.compute.amazonaws.com

ids4.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.184 (Colonia, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.37.184 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f008:200::101 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:d (United States) 2 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.65.79 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-65-79.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.74.196 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-74-196.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.170.186 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-170-186.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.32.222 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-32-222.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proton.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	utdstc.com stc.utdstc.com — Cisco Umbrella Rank: 148354 img.utdstc.com — Cisco Umbrella Rank: 145136	188 KB
27	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 145 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 pubads.g.doubleclick.net — Cisco Umbrella Rank: 438 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	259 KB
21	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1519 a.ad.gt — Cisco Umbrella Rank: 1619 p.ad.gt — Cisco Umbrella Rank: 1714 ids.ad.gt — Cisco Umbrella Rank: 1557 ids4.ad.gt — Cisco Umbrella Rank: 2415 pixels.ad.gt — Cisco Umbrella Rank: 1708 seg.ad.gt — Cisco Umbrella Rank: 1984 proton.ad.gt — Cisco Umbrella Rank: 4167	21 KB
15	googlesyndication.com a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com	120 KB
12	id5-sync.com 8 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	43 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	71 KB
9	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	45 KB
4	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
4	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 2931 google-bidout-d.openx.net — Cisco Umbrella Rank: 2790 u.openx.net — Cisco Umbrella Rank: 761	920 B
4	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1329 lexicon.33across.com — Cisco Umbrella Rank: 1453	13 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687	92 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 495 ib.adnxs.com — Cisco Umbrella Rank: 281	3 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	26 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 947 api.btloader.com — Cisco Umbrella Rank: 1068	20 KB
3	uptodown.com 1 redirects bet365.id.uptodown.com	42 KB
2	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 973	998 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 615	1 KB
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 2446	1 KB
2	sonobi.com 2 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	2 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 886	728 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 450 dis.eu.criteo.com — Cisco Umbrella Rank: 8562	402 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 975	2 KB
2	uptodown.net m.uptodown.net — Cisco Umbrella Rank: 163270	22 KB
2	ssm.codes scripts.ssm.codes — Cisco Umbrella Rank: 98439 ssm.codes — Cisco Umbrella Rank: 32963	145 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	201 KB
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 899	485 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1126	443 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 500	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	294 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1791	12 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120	17 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	441 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	dns-finder.com bt.dns-finder.com — Cisco Umbrella Rank: 277135	1001 B
1	cookie-script.com geo.cookie-script.com — Cisco Umbrella Rank: 32040	1 KB
166	39

	Domain	Requested by
24	img.utdstc.com	bet365.id.uptodown.com
23	securepubads.g.doubleclick.net	scripts.ssm.codes securepubads.g.doubleclick.net bet365.id.uptodown.com pagead2.googlesyndication.com
14	stc.utdstc.com	bet365.id.uptodown.com
11	id5-sync.com	8 redirects cdn.id5-sync.com
9	ids.ad.gt	1 redirects
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	fundingchoicesmessages.google.com	bet365.id.uptodown.com
6	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
4	pixel.tapad.com	4 redirects
3	p.ad.gt	a.ad.gt p.ad.gt
3	www.google.com	ep2.adtrafficquality.google
3	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	scripts.ssm.codes c.amazon-adsystem.com
3	bet365.id.uptodown.com	1 redirects
2	seg.ad.gt	p.ad.gt
2	ce.lijit.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	ice.360yield.com	2 redirects
2	sync.go.sonobi.com	2 redirects
2	cm.g.doubleclick.net
2	match.adsrvr.org	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	lexicon.33across.com	1 redirects
2	oajs.openx.net	1 redirects
2	a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net bet365.id.uptodown.com
2	cdn-ima.33across.com	securepubads.g.doubleclick.net bet365.id.uptodown.com
2	www.google-analytics.com	www.googletagmanager.com
2	api.btloader.com	btloader.com
2	ad-delivery.net	bet365.id.uptodown.com
2	m.uptodown.net	bet365.id.uptodown.com m.uptodown.net
2	www.googletagmanager.com	bet365.id.uptodown.com p.ad.gt
1	proton.ad.gt	p.ad.gt
1	pixels.ad.gt	p.ad.gt
1	ib.adnxs.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	dis.eu.criteo.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com
1	u.openx.net	1 redirects
1	ids4.ad.gt
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	cdn.id5-sync.com	bet365.id.uptodown.com
1	cdn.hadronid.net	bet365.id.uptodown.com
1	secure.cdn.fastclick.net	bet365.id.uptodown.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	gum.criteo.com	static.criteo.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	pubads.g.doubleclick.net
1	ssm.codes	scripts.ssm.codes
1	ad.doubleclick.net	bet365.id.uptodown.com
1	bt.dns-finder.com	btloader.com
1	scripts.ssm.codes	bet365.id.uptodown.com
1	btloader.com	bet365.id.uptodown.com
1	geo.cookie-script.com	bet365.id.uptodown.com
166	65

This site contains links to these domains. Also see Links.

Domain
spotify.id.uptodown.com
honkai-star-rail.id.uptodown.com
id.uptodown.com
infinity-nikki.id.uptodown.com
fifa-soccer-gameplay-beta.id.uptodown.com
free-fire-battlegrounds.id.uptodown.com
archero-2.id.uptodown.com
mobile-legends.id.uptodown.com
microsoft-edge.id.uptodown.com
pokemon-tcg-pocket.id.uptodown.com
com-meitu-wink.id.uptodown.com
delta-force-hawk-ops.id.uptodown.com
www.bet365.com
support.uptodown.com
mpl-mobile-premier-league.id.uptodown.com
haloween-bruxas-slots-777.id.uptodown.com
com-ghgmfb-o260krmfb.id.uptodown.com
dragon-tiger.id.uptodown.com
gin-rummy-gold.id.uptodown.com
magayo-lotto.id.uptodown.com
teenpatti-ace-pro.id.uptodown.com
pin-up-slots.id.uptodown.com
netflix-inc-netflix.id.uptodown.com
indriver.id.uptodown.com
tokopedia.id.uptodown.com
taxsee-driver.id.uptodown.com
gs-injector.id.uptodown.com
canva.id.uptodown.com
ffmax-panel-hak-fire-max.id.uptodown.com
crushon-ai.id.uptodown.com
blog.en.uptodown.com
uptodown-android.id.uptodown.com
bet365.en.uptodown.com
bet365.uptodown.com
bet365.br.uptodown.com
bet365.de.uptodown.com
bet365.fr.uptodown.com
bet365.it.uptodown.com
bet365.cn.uptodown.com
bet365.jp.uptodown.com
bet365.ru.uptodown.com
bet365.kr.uptodown.com
bet365.ar.uptodown.com
bet365.th.uptodown.com
bet365.tr.uptodown.com
bet365.in.uptodown.com
bet365.vi.uptodown.com
bet365.ro.uptodown.com
www.youtube.com
www.tiktok.com
x.com
instagram.com
www.linkedin.com
www.facebook.com
en.uptodown.com
uptodown.factorialhr.es

Subject Issuer	Validity	Valid
uptodown.com Certainly Intermediate R1	`2024-11-22` - `2024-12-22`	a month	crt.sh
*.utdstc.com Certainly Intermediate R1	`2024-11-30` - `2024-12-30`	a month	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-17` - `2025-08-17`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
btloader.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ssm.codes WE1	`2024-11-09` - `2025-02-07`	3 months	crt.sh
uptodown.net Certainly Intermediate R1	`2024-11-15` - `2024-12-15`	a month	crt.sh
dns-finder.com WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
ad-delivery.net WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
api.btloader.com WR3	`2024-11-29` - `2025-02-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
esp.rtbhouse.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
hadronid.net WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
id5-sync.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
id.hadron.ad.gt WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
a.ad.gt WE1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
p.ad.gt WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
ids.ad.gt WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
pixels.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
seg.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
proton.ad.gt WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://bet365.id.uptodown.com/android
Frame ID: DE0E33F698F1D6CF309EF0D706C9AC54
Requests: 119 HTTP requests in this frame

Frame: https://ssm.codes/topics/topics_frame.html
Frame ID: A0776153789D3E60FBA4D588C527C405
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 662E5E8F626199814AB9EAE46281B7C8
Requests: 1 HTTP requests in this frame

Frame: https://a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 717863C3D576A5FCD3A3C2BEE57D41C2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bet365.id.uptodown.com
Frame ID: 4EDC4F0C21B686C9DD8D32F166BCC324
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: F2429AFB5CA7EF5D839AC4A6FADCB35A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B11CE5B954BD4D44861449132DC1943
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 54123EB69072951A313CCB5CB80F6BB9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0S13ky8sL1nugQ21fLpJLRAF43c_PZDfF4iIuHm7SfCWVvfQ8sf1CX49_4ynJq-jtR0wLj5Ycles6bIOxAwwQnCZD5qXksIdhdPspwfIRjdvSmf6BKibSdl9Nm4vbdtua57w_Mq1nZDor0NygP_l6hJkJpsX_D5FLIwTLsu0FotaOr-U1nZwJB-k0W3zVT6F3QzuSjZuKovCf61rKZnJqAg0zyjo4y6eeIaaNWqQTl9GlSCcC1nNeBaG23RDFIsThAHhtXXZYMvs758R-OeVHxDsA6ibVFsgBpHkAAbQfYPgPEQOQWKgXDFqFTKgyQYIBuA5H9KQUiHrdPioahRKoZkuP-wkuCRNz18pQLaxXSV58JvEM3kagkQJMCPAhbShxrSb8_xbDvlUE8YP7yuUHj1vttfHHsUtUM-ZQo4fk2zsJ2upr&sai=AMfl-YQQkDMZGw4mRGxhKCL6dVeO2Ivg_KRnyuFYv3aSqCnlzLbhQe1SS6-JzCpXFj2-AfoK6VmuZ0E-J4m8QsaS9unYeTnlZCoV5q-g7HZSUzGjOU7NWUypMkOpBHfQb-3C4jm-4bk2AA1KQv8ocQK3&sig=Cg0ArKJSzIKAnRPNc6LwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5D054F7E74BC831890941BC29DFA9288
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO56iplxEntKXKWy69KiIumXAizky3GgAVWnfCS5V582UK1elqr6KpUdGMUv_zmqJpxG9vYo7cEc9JimX1HrZPxCHLmWE1_JX4Y7mqOaG_DwvCfxCoYAIK6Dd7C70ny7x2D2G4yMqAiNBe0lVcB0wY0nfQ6ftX1B_DHbEZCeD0cejGMEMdaJ3RLi6tIisTQJLCk2kQU3qnSt6VaERgJOssTwr8hEWPGBr0wd7nbQHjRKTX5KBtV24djhICLbxWsUHJ7wrTflpzypvPtiRLe6VdSx-p1fOn4tJFWQ_DvkgC0QdFDrUPTPPEf5GR86Q06pDXBu23B5sbjrpX6G71dIRASl5Blv9PXCQpTZ5Kui69aMn9yH_gZo0lMCFwyU3asgNtAGRuUM49OYv8ZgWiJmuZsttWT-NhSkJSjxGMOg_hhy0wCsB4&sai=AMfl-YRRXBomksRbWvkgIf5uOHBHijD0PMXFxnscU-5txUgzGYmcZgvvnp3pocCOVxLilINwWTn3rqVlX5mhs5mdQ-z3wK9KGsWh54qjvJqLRaxNz6nRrOBbL6galCmwA_wqH-464W-WICTP76ITnkzgdg&sig=Cg0ArKJSzC5j0MXWPPQIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 74FAA07D6525B4D47DBE21C797538F9F
Requests: 13 HTTP requests in this frame

Frame: https://a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9777CCBA6860F13E7AEC34A83580E253
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 0082B9719D632F546DB3E27F6B3083D3
Requests: 1 HTTP requests in this frame

Frame: https://25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C73123489434766E268C17694F3A2DD5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 608670CED2EBA9F4D7FD77982EC6BD8B
Requests: 1 HTTP requests in this frame

Frame: https://d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1146C0B943B68839B1DADB81AD6F6070
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: C11FDC0B31912D330F5ABC764010B2CA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BD14648CE280843B22D12E46737997F
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 070E17350473ED2F2C1F5ACD3242E5D0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 467F5774FC796C3B60A95C0BF2528CEC
Requests: 1 HTTP requests in this frame

Frame: https://d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 048FDBED920F603F20F35A0D8DFE41EA
Requests: 1 HTTP requests in this frame

Frame: https://25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8E98B995E5A635693DDFD46A8B244D9F
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: AEA7C4D9C5D21C87E0441E017D54790C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bet365 untuk Android - Unduh APK dari Uptodown

Page URL History Show full URLs

https://bet365.id.uptodown.com/ HTTP 301
https://bet365.id.uptodown.com/android Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

166
Requests

92 %
HTTPS

33 %
IPv6

39
Domains

65
Subdomains

48
IPs

5
Countries

1354 kB
Transfer

5728 kB
Size

72
Cookies

81 Outgoing links

These are links going to different origins than the main page.

URL: https://spotify.id.uptodown.com/android
Title: Spotify

Search URL Search Domain Scan URL

URL: https://honkai-star-rail.id.uptodown.com/android
Title: Honkai: Star Rail

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/rilis-mendatang
Title: Segera hadir

Search URL Search Domain Scan URL

URL: https://infinity-nikki.id.uptodown.com/android
Title: Infinity Nikki

Search URL Search Domain Scan URL

URL: https://fifa-soccer-gameplay-beta.id.uptodown.com/android
Title: EA Sports FC Mobile Beta

Search URL Search Domain Scan URL

URL: https://free-fire-battlegrounds.id.uptodown.com/android
Title: Free Fire

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/aplikasi-vpn
Title: Aplikasi VPN

Search URL Search Domain Scan URL

URL: https://archero-2.id.uptodown.com/android
Title: Archero 2

Search URL Search Domain Scan URL

URL: https://mobile-legends.id.uptodown.com/android
Title: Mobile Legends

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/horor-survival
Title: Horor Survival

Search URL Search Domain Scan URL

URL: https://microsoft-edge.id.uptodown.com/android
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/tower-defense-acak
Title: Tower Defense Acak

Search URL Search Domain Scan URL

URL: https://pokemon-tcg-pocket.id.uptodown.com/android
Title: Pokémon TCG Pocket

Search URL Search Domain Scan URL

URL: https://com-meitu-wink.id.uptodown.com/android
Title: Wink

Search URL Search Domain Scan URL

URL: https://delta-force-hawk-ops.id.uptodown.com/android
Title: Delta Force: Hawk Ops

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/lifestyle
Title: Gaya Hidup

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/gambling
Title: Perjudian

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/editor/andres-lopez
Title: Andrés López

Search URL Search Domain Scan URL

URL: http://www.bet365.com/
Title: bet365

Search URL Search Domain Scan URL

URL: https://support.uptodown.com/hc/en-us/articles/4403243577613
Title: (Informasi lebih lanjut)

Search URL Search Domain Scan URL

URL: https://mpl-mobile-premier-league.id.uptodown.com/android
Title: MPL - Mobile Premier League

Search URL Search Domain Scan URL

URL: https://haloween-bruxas-slots-777.id.uptodown.com/android
Title: Haloween Bruxas - Slots 777

Search URL Search Domain Scan URL

URL: https://com-ghgmfb-o260krmfb.id.uptodown.com/android
Title: 大唐街棋牌免费版

Search URL Search Domain Scan URL

URL: https://dragon-tiger.id.uptodown.com/android
Title: Dragon Tiger

Search URL Search Domain Scan URL

URL: https://gin-rummy-gold.id.uptodown.com/android
Title: Gin Rummy Gold

Search URL Search Domain Scan URL

URL: https://magayo-lotto.id.uptodown.com/android
Title: Magayo Lotto

Search URL Search Domain Scan URL

URL: https://teenpatti-ace-pro.id.uptodown.com/android
Title: Teenpatti Ace Pro

Search URL Search Domain Scan URL

URL: https://pin-up-slots.id.uptodown.com/android
Title: Pin-up

Search URL Search Domain Scan URL

URL: https://netflix-inc-netflix.id.uptodown.com/android
Title: Netflix (Android TV)

Search URL Search Domain Scan URL

URL: https://indriver.id.uptodown.com/android
Title: inDrive

Search URL Search Domain Scan URL

URL: https://tokopedia.id.uptodown.com/android
Title: Tokopedia

Search URL Search Domain Scan URL

URL: https://taxsee-driver.id.uptodown.com/android
Title: Taxsee Driver

Search URL Search Domain Scan URL

URL: https://gs-injector.id.uptodown.com/android
Title: GS Injector

Search URL Search Domain Scan URL

URL: https://canva.id.uptodown.com/android
Title: Canva

Search URL Search Domain Scan URL

URL: https://ffmax-panel-hak-fire-max.id.uptodown.com/android
Title: FFMax Panel HaK Fire Max

Search URL Search Domain Scan URL

URL: https://crushon-ai.id.uptodown.com/android
Title: Crushon AI

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/tools
Title: Alat Bantu

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/communication
Title: Komunikasi

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/multimedia
Title: Multimedia

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/games
Title: Permainan

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/productivity
Title: Produktivitas

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/android/editors-choice
Title: Pilihan editor

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/windows
Title: Windows

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/mac
Title: Mac

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/turbo?platform=android
Title: Uptodown Turbo

Search URL Search Domain Scan URL

URL: https://blog.en.uptodown.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://uptodown-android.id.uptodown.com/android
Title: Uptodown App Store

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/support
Title: Buka halaman dukungan

Search URL Search Domain Scan URL

URL: https://bet365.en.uptodown.com/android
Title: EN English

Search URL Search Domain Scan URL

URL: https://bet365.uptodown.com/android
Title: ES Español

Search URL Search Domain Scan URL

URL: https://bet365.br.uptodown.com/android
Title: PT Português

Search URL Search Domain Scan URL

URL: https://bet365.de.uptodown.com/android
Title: DE Deutsch

Search URL Search Domain Scan URL

URL: https://bet365.fr.uptodown.com/android
Title: FR Français

Search URL Search Domain Scan URL

URL: https://bet365.it.uptodown.com/android
Title: IT Italiano

Search URL Search Domain Scan URL

URL: https://bet365.cn.uptodown.com/android
Title: ZH 中文

Search URL Search Domain Scan URL

URL: https://bet365.jp.uptodown.com/android
Title: JA 日本語

Search URL Search Domain Scan URL

URL: https://bet365.ru.uptodown.com/android
Title: RU Pусский

Search URL Search Domain Scan URL

URL: https://bet365.kr.uptodown.com/android
Title: KO 한국어

Search URL Search Domain Scan URL

URL: https://bet365.ar.uptodown.com/android
Title: AR العربية

Search URL Search Domain Scan URL

URL: https://bet365.th.uptodown.com/android
Title: TH ภาษาไทย

Search URL Search Domain Scan URL

URL: https://bet365.tr.uptodown.com/android
Title: TR Türkçe

Search URL Search Domain Scan URL

URL: https://bet365.in.uptodown.com/android
Title: HI हिन्दी

Search URL Search Domain Scan URL

URL: https://bet365.vi.uptodown.com/android
Title: VI tiếng Việt

Search URL Search Domain Scan URL

URL: https://bet365.ro.uptodown.com/android
Title: RO Română

Search URL Search Domain Scan URL

URL: https://www.youtube.com/uptodown

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@uptodown_com

Search URL Search Domain Scan URL

URL: https://x.com/uptodown

Search URL Search Domain Scan URL

URL: https://instagram.com/uptodown

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/uptodown/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Uptodown.International

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/aboutus/uptodown
Title: Tentang Kami

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/developers-zone
Title: Publikasikan aplikasi Anda

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/advertising
Title: Iklan

Search URL Search Domain Scan URL

URL: https://support.uptodown.com/hc/en-us
Title: FAQ & Dukungan

Search URL Search Domain Scan URL

URL: https://id.uptodown.com/about-us/editors
Title: Kebijakan editorial

Search URL Search Domain Scan URL

URL: https://uptodown.factorialhr.es/
Title: Bergabung dengan Kami

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/aboutus/services
Title: Ketentuan Layanan untuk Pengguna

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/aboutus/privacy
Title: Kebijakan Privasi & Kuki

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/developers-zone/services
Title: Ketentuan Layanan untuk Pengembang

Search URL Search Domain Scan URL

URL: https://en.uptodown.com/dmca
Title: DMCA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bet365.id.uptodown.com/ HTTP 301
https://bet365.id.uptodown.com/android Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://oajs.openx.net/esp?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&rid=esp&cc=1

Request Chain 94

https://lexicon.33across.com/v1/envelope?pid=0015a00003IkCTDAA3&src=aps&ver=1.14.0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a00003IkCTDAA3&src=aps&ver=1.14.0&b=1&tp=m%2Fd2sRnmO%2BtmHSsPQJKLGogPOPHy%2FZQm%2B%2FDZBvMkVhs%3D

Request Chain 144

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733506407-4CR55FV3-45F2&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001733506407-4CR55FV3-45F2%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733506407-4CR55FV3-45F2&adnxs_id=5426684606420545233&gdpr=0

Request Chain 145

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2%26auid%3DAU1D-0100-001733506407-4CR55FV3-45F2 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=2158eb35-1921-48bc-aaf6-967c73986bc6&id=AU1D-0100-001733506407-4CR55FV3-45F2&auid=AU1D-0100-001733506407-4CR55FV3-45F2

Request Chain 146

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=3EC3B8BC-C43B-43D7-943A-84F859E252FA&id=AU1D-0100-001733506407-4CR55FV3-45F2

Request Chain 148

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001733506407-4CR55FV3-45F2&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=7373f5e4-6be5-4827-97e3-c8b0a9cfc86c&id=AU1D-0100-001733506407-4CR55FV3-45F2

Request Chain 149

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001733506407-4CR55FV3-45F2&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733506407-4CR55FV3-45F2%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001733506407-4CR55FV3-45F2&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733506407-4CR55FV3-45F2%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001733506407-4CR55FV3-45F2%252526tapad_id%25253D2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7373f5e4-6be5-4827-97e3-c8b0a9cfc86c&ttd_puid=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001733506407-4CR55FV3-45F2%2526tapad_id%253D2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&tapad_id=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad

Request Chain 151

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2 HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=2987853030513172148&id=AU1D-0100-001733506407-4CR55FV3-45F2

Request Chain 152

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&uid=e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05&gdpr=0

Request Chain 153

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001733506407-4CR55FV3-45F2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzUwNjQwNy00Q1I1NUZWMy00NUYy

Request Chain 154

https://id5-sync.com/i/492/8.gif?o=api&id5id=ID5*JN9R9MGGquSWCYrgM6G-XbSeza8BysHN6eSnZB9CDGbf_9Cwa-yWeiOd4Yt_xoty&gdpr_consent=undefined&gdpr=false HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-a7ffhG6ddtPhvXJ2SYnP8Xb6PUQi9l-sDJD2Wqo79A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F492%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-a7ffhG6ddtPhvXJ2SYnP8Xb6PUQi9l-sDJD2Wqo79A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F492%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/492/124/7/2.gif?puid=6fcda006-d7a7-46cd-9462-3e2268509a53&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/492/434/6/3.gif?puid=e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/492/203/5/4.gif?puid=271c225d-6f57-43aa-96a3-8ce17d666e63&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/492/108/4/5.gif?puid=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/492/796/3/6.gif?puid=0eb33901-5ec7-4a79-a543-923b48a1129e&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?puid=AAD6hE7OpmsAABaEiMl_Ag&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/492/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/492/2/1/8.gif?puid=5426684606420545233&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=85&3pid=AAD6hE7OpmsAABaEiMl_Ag&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F1241%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://ce.lijit.com/merge?pid=85&3pid=AAD6hE7OpmsAABaEiMl_Ag&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F1241%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
https://id5-sync.com/c/492/1241/0/9.gif?puid=JyY9ARZHFDeTvjBnTxWIctmw&gdpr=0&gdpr_consent=

166 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request android Show response
bet365.id.uptodown.com/
Redirect Chain

https://bet365.id.uptodown.com/
https://bet365.id.uptodown.com/android

130 KB
26 KB

282ms
272ms

Document
text/html

151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca4afa0723d45439f58c44f80ee8a79bd95266e96736a6f81b62e10634e5928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: must-revalidate, public, max-age=300,private
content-encoding: gzip
content-length: 26151
content-type: text/html;charset=UTF-8
date: Fri, 06 Dec 2024 17:33:23 GMT
expires: Sat, 07 Dec 2024 17:33:23 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-mia-kmia1760095-MIA, cache-mia-kmia1760063-MIA
x-timer: S1733506404.650467,VS0,VE244

Redirect headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: must-revalidate, public, max-age=300,private
content-type: text/html;charset=UTF-8
date: Fri, 06 Dec 2024 17:33:23 GMT
expires: Fri, 06 Dec 2024 17:34:23 GMT
location: https://bet365.id.uptodown.com/android
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-mia-kmia1760092-MIA, cache-mia-kmia1760063-MIA
x-timer: S1733506404.535635,VS0,VE76

GET
H2 200 geomanist-medium-webfont-test.woff2
stc.utdstc.com/fonts/ 17 KB
17 KB 185ms
33ms Font
application/octet-stream 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.utdstc.com/fonts/geomanist-medium-webfont-test.woff2

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fccde017f4c101570f9a09e7fc88c97f45706ddda309799aa1ccb0a7e49e7a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bet365.id.uptodown.com
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "649e82da-43b0"
age: 894275
expires: Wed, 26 Nov 2025 09:08:48 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Fri, 30 Jun 2023 07:23:06 GMT
content-type: application/octet-stream
x-served-by: cache-mia-kmia1760060-MIA, cache-mia-kmia1760050-MIA
x-cache-hits: 0, 1786
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
cache-control: max-age=31536000
x-timer: S1733506404.090204,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17328

GET
H2 200 geomanist-regular-webfont-test.woff2
stc.utdstc.com/fonts/ 17 KB
17 KB 182ms
32ms Font
application/octet-stream 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.utdstc.com/fonts/geomanist-regular-webfont-test.woff2

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f00d64b58462446057e5093cb434ad1b5bad866d921598392b939e734f5eb438

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bet365.id.uptodown.com
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "649e82da-4238"
age: 889992
expires: Wed, 26 Nov 2025 09:08:48 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Fri, 30 Jun 2023 07:23:06 GMT
content-type: application/octet-stream
x-served-by: cache-mia-kmia1760037-MIA, cache-mia-kmia1760050-MIA
x-cache-hits: 0, 1796
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
cache-control: max-age=31536000
x-timer: S1733506404.090342,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16952

GET
H2 200 vendor.css
stc.utdstc.com/1733299958669/ 1 KB
740 B 186ms
36ms Stylesheet
text/css 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.utdstc.com/1733299958669/vendor.css

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b89e261e885c16647d44df70dcc9002f3484bad778e284966a7ebe371c06c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67500efe-4a4"
age: 202272
expires: Thu, 04 Dec 2025 09:22:12 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 04 Dec 2024 08:12:46 GMT
content-type: text/css
x-served-by: cache-mia-kmia1760074-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 2186
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.090338,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 607

GET
H2 200 detail.css
stc.utdstc.com/1733299958669/ 83 KB
13 KB 183ms
33ms Stylesheet
text/css 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.utdstc.com/1733299958669/detail.css

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0684e64ee11ec885ccf5f3d22c139b315c24008a53984811abf0fea0976bacdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67500efe-14ab6"
age: 202271
expires: Thu, 04 Dec 2025 09:22:12 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 04 Dec 2024 08:12:46 GMT
content-type: text/css
x-served-by: cache-mia-kmia1760054-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 1639
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.090382,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12629

GET
H2 200 a52be48a31f50475bd697e1db8507f9d.js Show response
geo.cookie-script.com/s/ 4 KB
1 KB 574ms
144ms Script
application/javascript 188.226.136.4
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.cookie-script.com/s/a52be48a31f50475bd697e1db8507f9d.js?country=no-is-li-gb-ch-br&state=ca&region=eu
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.226.136.4 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 52d073528326b6ce9efaeee3c27fc36761b862d521e2eabe066587bb2294792e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

x-cache-status: RESET JS
access-control-allow-origin: *
content-encoding: gzip
content-length: 1130
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript

GET
H2 200 pub-0337387298854186 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 354ms
87ms Script
application/javascript 2607:f8b0:4004:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-0337387298854186?ers=1

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3e6ac788315b20e0fb220d27e5954f8d03498e0dd7fa3a0942136d35c9cb6d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KfRHSWkaL5jPutu7e0b7jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4CY4esVVg4gFuLhePLqzC42gQNtsw4wKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhmY6hmYxBcYAAD6NkEj"
content-security-policy: script-src 'report-sample' 'nonce-KfRHSWkaL5jPutu7e0b7jQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 060931bd79f9f26f5b64ef41a9bd0d072079bd4d9055a2b9205301c8b312a3eb
img.utdstc.com/screen/060/931/ 1 KB
2 KB 40ms
34ms Image
image/webp 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/060/931/060931bd79f9f26f5b64ef41a9bd0d072079bd4d9055a2b9205301c8b312a3eb

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

111d50292c80768df11cf2a437da0dfa9679bb07c69b2cbc425a7bd91cee661e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "672d6163-5da"
age: 871737
expires: Wed, 26 Nov 2025 15:24:26 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Fri, 08 Nov 2024 00:54:59 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760067-MIA, cache-mia-kmia1760074-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.111420,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1498
x-xss-protection: 1; mode=block

GET
H2 200 tag Show response
btloader.com/ 59 KB
20 KB 310ms
46ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad163481ac289c0c64698b501de4c42d2d0e845a94b59f635500edb7f10132f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "ff18a626e0501929e146bac8e5da9ac3"
age: 632
via: 1.1 google
cf-ray: 8ede05534a0d5c66-MIA
accept-ranges: bytes
content-length: 20043
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 17:21:26 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 icons-nolazy.svg
stc.utdstc.com/img/ 7 KB
3 KB 41ms
35ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/icons-nolazy.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f30ad78709315382f6d4238c41c472fa6968ada3093504ff2127ff9115334ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-1bf1"
age: 894275
expires: Wed, 26 Nov 2025 09:08:48 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760078-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 10681
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.111048,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2548

GET
H2 200 icon-12-hotlink.svg
stc.utdstc.com/img/svgs/ 902 B
836 B 40ms
35ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/svgs/icon-12-hotlink.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2839413303baa82ca1b8a19957ddfa5422c548bfd8968f5e96e54ab8dc3f67fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-386"
age: 894275
expires: Wed, 26 Nov 2025 09:08:48 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760078-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 8542
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.111301,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 674

GET
H2 200 logo-uptodown.svg
stc.utdstc.com/img/svgs/ 4 KB
1 KB 42ms
37ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/svgs/logo-uptodown.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

06b55f0746c6b28ad7772a010963dbef74477f542eb754f5380c8a99ea9ba05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-e09"
age: 894283
expires: Wed, 26 Nov 2025 09:08:41 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760091-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 8408
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.111342,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1034

GET
H2 200 bb4b0a8c796363261d78abd64a318a5f25c4b23f7ceb9d2da52f3d33a1f2b9ec:100
img.utdstc.com/icon/bb4/b0a/ 2 KB
2 KB 204ms
34ms Image
image/webp 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/bb4/b0a/bb4b0a8c796363261d78abd64a318a5f25c4b23f7ceb9d2da52f3d33a1f2b9ec:100

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5001b4b9d91bab13e9fc90e87b349724a11d0cb5d0ee00901012e1b8d82afbac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ee945b-81e"
age: 890024
expires: Wed, 26 Nov 2025 10:19:40 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 09:39:39 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760043-MIA, cache-mia-kmia1760074-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.110901,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2078
x-xss-protection: 1; mode=block

GET
H2 200 060931bd79f9f26f5b64ef41a9bd0d072079bd4d9055a2b9205301c8b312a3eb:200
img.utdstc.com/screen/060/931/ 5 KB
5 KB 720ms
550ms Image
image/webp 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/060/931/060931bd79f9f26f5b64ef41a9bd0d072079bd4d9055a2b9205301c8b312a3eb:200

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2630651d84cecffded9e8253cdc4b254cd1f16540f8a78dedd799b044260bac3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "65d89860-123c"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Fri, 23 Feb 2024 13:06:40 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760083-MIA, cache-mia-kmia1760074-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.111185,VS0,VE512
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 4668
x-xss-protection: 1; mode=block

GET
H2 200 c072cbc915806bc5d9a450e7b1d98234af4c9dfe304b88ca36fd25fe1d02e41d:200
img.utdstc.com/screen/c07/2cb/ 5 KB
5 KB 706ms
537ms Image
image/webp 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/c07/2cb/c072cbc915806bc5d9a450e7b1d98234af4c9dfe304b88ca36fd25fe1d02e41d:200

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8bf0336e56dac84ee62d0f4687a1245059645105089eaf112946ee2ea996ca2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66efc443-12c2"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sun, 22 Sep 2024 07:16:19 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760029-MIA, cache-mia-kmia1760074-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.111693,VS0,VE502
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 4802
x-xss-protection: 1; mode=block

GET
H2 200 10d55dbe4501d5a6886ce1fd04311020810ea5ad2a7719cd1d9519fc10e7a9e5:200
img.utdstc.com/screen/10d/55d/ 3 KB
3 KB 621ms
616ms Image
image/webp 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/10d/55d/10d55dbe4501d5a6886ce1fd04311020810ea5ad2a7719cd1d9519fc10e7a9e5:200

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51bdd3c5212d3abf08b5ebc6bf7292fb76806debc4c096f3ae15b4738db87fb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ef5a8e-a38"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 23:45:18 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760059-MIA, cache-mia-kmia1760074-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.111444,VS0,VE584
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2616
x-xss-protection: 1; mode=block

GET
H2 200 icon-bar-arrow.svg
stc.utdstc.com/img/svgs/ 409 B
484 B 42ms
38ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/svgs/icon-bar-arrow.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a94c989e9aece6cc36d94e5d1a5109e838c6b0d0c962c5a47ffcd78751ae1501

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-199"
age: 894274
expires: Wed, 26 Nov 2025 09:08:49 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760072-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 8576
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.111458,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 327

GET
H2 200 icon-bar-close.svg
stc.utdstc.com/img/svgs/ 863 B
643 B 40ms
36ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/svgs/icon-bar-close.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

36800adc29c76c8ded03056d559c6c8a249aacfa0d747c9974c00de60b1eb26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-35f"
age: 894274
expires: Wed, 26 Nov 2025 09:08:49 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760086-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 8641
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.112203,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 480

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
106 KB 337ms
74ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f5a86c8915493c3399cd4bf38db1ada2a8f2850af11a98323468d5e14ef9295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 06 Dec 2024 17:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107419
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 uptodown.js Show response
scripts.ssm.codes/ 566 KB
145 KB 284ms
57ms Script
application/javascript 172.67.69.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.ssm.codes/uptodown.js
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22a24aed6b6e4bfe61d4ab9475434020c02926ad167d58d08e2724e8cbd15d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"674472d3-8d64d"
age: 544052
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4r3EbKodPnoG6ReujMOTfUiMShhz8DlxCO59CLE5u21gGDwOJ%2FlbCF1Egk43eIHcpbSy8rV%2FONNdhXZ6Jdj1Q0cL7tB9YWVZMHQHeGcAQ6yQ4OZx3EzaCvZgmAAtobT2X%2FkO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30651&min_rtt=30621&rtt_var=11504&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4302&recv_bytes=4290&delivery_rate=104073&cwnd=12000&unsent_bytes=0&cid=57c7fc1aa553851e&ts=236&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 25 Nov 2024 12:51:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: *
cache-control: public, stale-if-error=7890000, stale-while-revalidate=7890000, s-maxage=31536000, max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8ede05531e218dea-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 matomo.js Show response
m.uptodown.net/ 66 KB
22 KB 262ms
35ms Script
application/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.uptodown.net/matomo.js

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"66f8fe01-10784"
age: 30
expires: Wed, 04 Dec 2024 17:27:34 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript
last-modified: Sun, 29 Sep 2024 07:13:05 GMT
x-served-by: cache-mia-kmia1760050-MIA
x-cache-hits: 3
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=3600, public
pragma: public
x-timer: S1733506404.371534,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
content-length: 21921

GET
H2 200 vendor.js Show response
stc.utdstc.com/1733299958669/ 33 KB
15 KB 48ms
40ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.utdstc.com/1733299958669/vendor.js

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c027749cb4bb34ce24e94f6376dbeddacd64b18bb493a1533058f37aa04532ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67500efe-8203"
age: 202272
expires: Thu, 04 Dec 2025 09:22:12 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 04 Dec 2024 08:12:46 GMT
content-type: application/javascript
x-served-by: cache-mia-kmia1760023-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 2172
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.148019,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 15532

GET
H2 200 detail.js Show response
stc.utdstc.com/1733299958669/ 105 KB
38 KB 34ms
27ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.utdstc.com/1733299958669/detail.js

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a06dca843ae374a03e7f132ae3418d030487311ec276b03b07a70512545f193b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67500efe-1a4cd"
age: 202272
expires: Thu, 04 Dec 2025 09:22:12 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 04 Dec 2024 08:12:46 GMT
content-type: application/javascript
x-served-by: cache-mia-kmia1760076-MIA, cache-mia-kmia1760021-MIA
x-cache-hits: 0, 1575
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.147261,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 38652

GET
H3 200 icon-24-turbo2.svg
stc.utdstc.com/img/svgs/ 992 B
1 KB 34ms
32ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/svgs/icon-24-turbo2.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8478b2a3764a8b84af7ca3852738a498759b83f0e290c054ddb8de1af854e77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-3e0"
age: 894275
expires: Wed, 26 Nov 2025 09:08:49 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760049-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 1722
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.210307,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 662

GET
H3 200 1911b6ced388d418324bdd26025903fa6c98b4d1e61ec648eab237064618c6f4:200
img.utdstc.com/screen/191/1b6/ 4 KB
4 KB 635ms
629ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/191/1b6/1911b6ced388d418324bdd26025903fa6c98b4d1e61ec648eab237064618c6f4:200

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d6c7fb43b5379f4b9e866a8639ae9c2bc6998e970b20bd06e1dbfff941485544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66efdd1d-ed2"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sun, 22 Sep 2024 09:02:21 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760097-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.213946,VS0,VE599
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 3794
x-xss-protection: 1; mode=block

GET
H3 200 78bbe80ce331cfa217979df29e2a0162bd6059e40434d6a31290a13961f071f1:200
img.utdstc.com/screen/78b/be8/ 4 KB
5 KB 188ms
180ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/78b/be8/78bbe80ce331cfa217979df29e2a0162bd6059e40434d6a31290a13961f071f1:200

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8010e544339bf10c7a4ac516803fca32f56c6d595a2499faef0268caa50d9d8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ef5a8e-11f4"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 23:45:18 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760067-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.216823,VS0,VE149
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 4596
x-xss-protection: 1; mode=block

GET
H3 200 ad21eef08c5bcc4966058bd11b16f21d771d5e34e3c8d4ad40d51fdd36355bf5:200
img.utdstc.com/screen/ad2/1ee/ 3 KB
3 KB 648ms
639ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/screen/ad2/1ee/ad21eef08c5bcc4966058bd11b16f21d771d5e34e3c8d4ad40d51fdd36355bf5:200

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

67270f08158fa101a3b2ae87d4d1eb8d8fcf2b3c5fbcfb2ad67abef7094d91d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66efdd1d-a20"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sun, 22 Sep 2024 09:02:21 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760058-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.217646,VS0,VE605
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2592
x-xss-protection: 1; mode=block

GET
H3 200 andres.jpg
stc.utdstc.com/img/ 11 KB
11 KB 43ms
34ms Image
image/jpeg 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/andres.jpg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76e9c3f785f7c3c1cfbd016be0579f6980a12f8a76aea06a7e6d0f49f6a7427c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

fastly-io-info: ifsz=35481 idim=232x237 ifmt=jpeg ofsz=11116 odim=232x237 ofmt=jpeg
etag: "Yi4gcksyZuHB3+QGrAwnJiYhbjuVdYzjHsqATMNPUhk"
age: 894273
expires: Wed, 26 Nov 2025 09:08:51 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/jpeg
x-served-by: cache-mia-kmia1760040-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 736
x-frame-options: SAMEORIGIN
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.217909,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 11116
fastly-io-served-by: vpop-kiad7010214

GET
H3 200 icons-info.svg
stc.utdstc.com/img/ 26 KB
7 KB 41ms
33ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.utdstc.com/img/icons-info.svg

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b15eb85fe374d2db60bd2223075e43b349fe366944b352247514e3efc2f09de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: W/"67346628-668f"
age: 894275
expires: Wed, 26 Nov 2025 09:08:49 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
content-type: image/svg+xml
x-served-by: cache-mia-kmia1760065-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 2026
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
vary: Accept-Encoding
cache-control: max-age=31536000, public
pragma: public
x-timer: S1733506404.217781,VS0,VE0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 6872

GET
H3 200 60fe4d731be6e7a605a34ed23aab72e41d93b6dadc2b7879b02b2447e5ad6e55:60
img.utdstc.com/icon/60f/e4d/ 1022 B
1 KB 222ms
214ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/60f/e4d/60fe4d731be6e7a605a34ed23aab72e41d93b6dadc2b7879b02b2447e5ad6e55:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

919d79261e5b61afb0a5d29336e9dcd619bcad54d4e195c0185a2ccfdd697132

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66efdb09-3fe"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sun, 22 Sep 2024 08:53:29 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760093-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.217949,VS0,VE183
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1022
x-xss-protection: 1; mode=block

GET
H3 200 755f4600f871fb90d1087b9dd37c0f5475aea2477ff316e937566b655da55d77:60
img.utdstc.com/icon/755/f46/ 3 KB
3 KB 645ms
638ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/755/f46/755f4600f871fb90d1087b9dd37c0f5475aea2477ff316e937566b655da55d77:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c59dd8b54438033bdd71c3759bcb01d2a56e2076c9a13ef7b55cf1911dae61f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66eee9c0-ab8"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 15:44:00 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760028-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.218320,VS0,VE604
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2744
x-xss-protection: 1; mode=block

GET
H3 200 e8ee5fe0cf9f3db987e031fdac1bd6ab12cde464facaef5dd7f93732dc667106:60
img.utdstc.com/icon/e8e/e5f/ 3 KB
3 KB 647ms
640ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/e8e/e5f/e8ee5fe0cf9f3db987e031fdac1bd6ab12cde464facaef5dd7f93732dc667106:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c76ca5021ce8331b8ac4a12fdae3f1a580538363164fd32d4a8f53c8e56e583

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "6711abfa-aca"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Fri, 18 Oct 2024 00:29:46 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760024-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.218313,VS0,VE603
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2762
x-xss-protection: 1; mode=block

GET
H3 200 de99d112ceb5808dbaa40291515cf5442f0ebd586617891a8cafea859051d302:60
img.utdstc.com/icon/de9/9d1/ 2 KB
3 KB 646ms
639ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/de9/9d1/de99d112ceb5808dbaa40291515cf5442f0ebd586617891a8cafea859051d302:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9fd2b4ace77dcf933159c8aee3c6b70e5863cc936430e168526122c86798723d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "67052a41-8ce"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Tue, 08 Oct 2024 12:49:05 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760028-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.218488,VS0,VE605
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2254
x-xss-protection: 1; mode=block

GET
H3 200 447ced14e96177c62b44853e26a39141d5b9d02aba032bc05504e71190cc41ed:60
img.utdstc.com/icon/447/ced/ 2 KB
2 KB 525ms
518ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/447/ced/447ced14e96177c62b44853e26a39141d5b9d02aba032bc05504e71190cc41ed:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c58922bf60cad0f692025cf3bbe4926579ede4d574b5bee00534134bb7ff0ed1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66f01c48-864"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sun, 22 Sep 2024 13:31:52 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760057-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.219464,VS0,VE487
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2148
x-xss-protection: 1; mode=block

GET
H3 200 092a0a4e0ca18291056def10bb056dffcd4f8beb97fdb08cdf0018f1df555612:60
img.utdstc.com/icon/092/a0a/ 2 KB
2 KB 670ms
663ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/092/a0a/092a0a4e0ca18291056def10bb056dffcd4f8beb97fdb08cdf0018f1df555612:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

063ae0a535033a4e1fdbde7dfd612fdddec8608dff30bd3da5a8ee91b06be799

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "65d8af10-75c"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Fri, 23 Feb 2024 14:43:28 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760029-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.219412,VS0,VE631
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1884
x-xss-protection: 1; mode=block

GET
H3 200 47003dde04a6dcde2c681c6dc07b6d139dcd6660a1ffdce6e8b391279c08478e:60
img.utdstc.com/icon/470/03d/ 2 KB
3 KB 635ms
628ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/470/03d/47003dde04a6dcde2c681c6dc07b6d139dcd6660a1ffdce6e8b391279c08478e:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7be49211e8eaa54cbd0e90256bc9a82b37cc3e9b61b400fb9d403771b5b26d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66f0fc64-9ee"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Mon, 23 Sep 2024 05:28:04 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760032-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.219607,VS0,VE596
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2542
x-xss-protection: 1; mode=block

GET
H3 200 7942e197684a900758d0f9a2caa7439acc49c54b09ba5d2829f6a7d71d102672:60
img.utdstc.com/icon/794/2e1/ 2 KB
2 KB 667ms
660ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/794/2e1/7942e197684a900758d0f9a2caa7439acc49c54b09ba5d2829f6a7d71d102672:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

842593edf7b01d8a7e6dc9e05fb39d1ec176cf83b455bc1205e735638ac9b584

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66eed23f-848"
age: 0
expires: Sat, 06 Dec 2025 17:33:24 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 14:03:43 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760097-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.219981,VS0,VE628
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2120
x-xss-protection: 1; mode=block

GET
H3 200 f4a126aff716cc5f705d936c3dfff26a0a9b796716915c2017c2cf65dacac639:60
img.utdstc.com/icon/f4a/126/ 736 B
1 KB 40ms
34ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/f4a/126/f4a126aff716cc5f705d936c3dfff26a0a9b796716915c2017c2cf65dacac639:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3e40ecff55e081f55daf246892a2696928c825b564d8a465befa04148f2e37a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ee9a1f-2e0"
age: 798341
expires: Wed, 26 Nov 2025 09:41:46 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 10:04:15 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760041-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.220286,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 736
x-xss-protection: 1; mode=block

GET
H3 200 f4ecdc32973c854ecf6f9b082a3450715cb1f77a47a9a6a27c3db9d1cd8ba563:60
img.utdstc.com/icon/f4e/cdc/ 630 B
1 KB 40ms
35ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/f4e/cdc/f4ecdc32973c854ecf6f9b082a3450715cb1f77a47a9a6a27c3db9d1cd8ba563:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c42c3d7e1c0e4d1029832d2586055c67064b5dbb70fafd41d9749f6c117d11bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66eea23a-276"
age: 864437
expires: Wed, 26 Nov 2025 17:26:07 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 10:38:50 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760079-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.220462,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 630
x-xss-protection: 1; mode=block

GET
H3 200 a0a7bba95a813c01732d31d3075131418e2c9493a6cd0fe7498db8f86085df59:60
img.utdstc.com/icon/a0a/7bb/ 1 KB
2 KB 41ms
35ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/a0a/7bb/a0a7bba95a813c01732d31d3075131418e2c9493a6cd0fe7498db8f86085df59:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35fa60dc69f25c9d34d3af60b390fc1acbdb14a0d1986ee3465f18e4d5bd22d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ef5b72-59a"
age: 365758
expires: Tue, 02 Dec 2025 11:57:25 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/webp
last-modified: Sat, 21 Sep 2024 23:49:06 GMT
x-served-by: cache-mia-kmia1760063-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.220737,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1434
x-xss-protection: 1; mode=block

GET
H3 200 10f0a3a425ab9587b3524a536cda8da8936fc0d87b48a8ef9bcbc4907bda39ad:60
img.utdstc.com/icon/10f/0a3/ 622 B
1017 B 46ms
40ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/10f/0a3/10f0a3a425ab9587b3524a536cda8da8936fc0d87b48a8ef9bcbc4907bda39ad:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c96429cbc6b4ed147743dc6a10753d9825a29d5224295fdbf8a9ec07c30485e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "65d8829d-26e"
age: 863280
expires: Wed, 26 Nov 2025 17:45:23 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/webp
last-modified: Fri, 23 Feb 2024 11:33:49 GMT
x-served-by: cache-mia-kmia1760088-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.220634,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 622
x-xss-protection: 1; mode=block

GET
H3 200 734d884394373c10c9e5ff5c2a1517ce7d6c38f4c5fb98d9d3ce68194f48ba0e:60
img.utdstc.com/icon/734/d88/ 2 KB
3 KB 49ms
43ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/734/d88/734d884394373c10c9e5ff5c2a1517ce7d6c38f4c5fb98d9d3ce68194f48ba0e:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a7887a2706775f4918cf25e446a483eda541422c7178ba4bfa322dfbbbed2522

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ef5b71-896"
age: 235192
expires: Thu, 04 Dec 2025 00:13:31 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/webp
last-modified: Sat, 21 Sep 2024 23:49:05 GMT
x-served-by: cache-mia-kmia1760089-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.221441,VS0,VE5
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2198
x-xss-protection: 1; mode=block

GET
H3 200 431c6be8e8dbb358738980c75c35c56ee8e8c3238089ed9b6f04d295d4008970:60
img.utdstc.com/icon/431/c6b/ 918 B
1 KB 46ms
40ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/431/c6b/431c6be8e8dbb358738980c75c35c56ee8e8c3238089ed9b6f04d295d4008970:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be9c627e58bfd901d0e941aa786c106277a04672cc1f0da5931fe31ae09f3318

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66ef4f6a-396"
age: 209536
expires: Wed, 26 Nov 2025 09:41:48 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 22:57:46 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760066-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.222098,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 918
x-xss-protection: 1; mode=block

GET
H3 200 93dbc298ea5d963882c2b25e7100df3e2ac2be81d3d6782e9d3ef2393e04c896:60
img.utdstc.com/icon/93d/bc2/ 2 KB
2 KB 48ms
42ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/93d/bc2/93dbc298ea5d963882c2b25e7100df3e2ac2be81d3d6782e9d3ef2393e04c896:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a0215fcc8cc36a8dc5900f34dd4d1146fe30cad1fa26c941dd4bd3a1c28ecd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66eeacad-69c"
age: 870048
expires: Wed, 26 Nov 2025 15:52:35 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 11:23:25 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760093-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.222264,VS0,VE3
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1692
x-xss-protection: 1; mode=block

GET
H3 200 28d7a516455fca30979019367c69b43adab597a4e63c0b89b4dbe917706e7feb:60
img.utdstc.com/icon/28d/7a5/ 1 KB
2 KB 46ms
41ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/28d/7a5/28d7a516455fca30979019367c69b43adab597a4e63c0b89b4dbe917706e7feb:60

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3ce1baf72e9581b47dfab92281376bbe1ccf39af58229f3b8f302e66d1e53d97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: "66eed73a-560"
age: 870049
expires: Wed, 26 Nov 2025 15:52:35 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, HIT
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Sat, 21 Sep 2024 14:24:58 GMT
content-type: image/webp
x-served-by: cache-mia-kmia1760044-MIA, cache-mia-kmia1760098-MIA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300
content-security-policy: default-src 'self'
cache-control: max-age=31536000
x-timer: S1733506404.222252,VS0,VE1
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1376
x-xss-protection: 1; mode=block

POST
H2 204 matomo.php
m.uptodown.net/ 0
0 193ms
189ms Ping
text/html 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uptodown.net/matomo.php?action_name=Bet365%20untuk%20Android%20-%20Unduh%20APK%20dari%20Uptodown&idsite=2&rec=1&r=547499&h=7&m=33&s=24&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&_id=72dc664a988543ab&_idn=1&send_image=0&_refts=0&pv_id=tm6IKW&pf_net=0&pf_srv=279&pf_tfr=10&pf_dm1=210&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: m.uptodown.net
URL: https://m.uptodown.net/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://bet365.id.uptodown.com/

Response headers

GET
H2 200 px.gif Show response
bt.dns-finder.com/ 43 B
1001 B 138ms
38ms Fetch
image/gif 2606:4700:3033::6815:19ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bt.dns-finder.com/px.gif
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:19ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4W9zd4j8teYqipFRmuKvXIWGrMCyRw5OucD8qRkwCC4PJToVlQzwMqqQtB0HY2I3FASXyyYayW5LHkvhWJaaG9glGdtsw7RVLJR4D0T3Jlpoo4ZcUPIlC%2Bs3k9m1veU%2FHAuSK6ED2NZNNDdAyRILg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Fri, 06 Dec 2024 17:42:42 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 43
server-timing: cfL4;desc="?proto=TCP&rtt=30193&min_rtt=29972&rtt_var=6658&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4033&recv_bytes=2219&delivery_rate=126870&cwnd=252&unsent_bytes=0&cid=40bc9f7d86b87a8b&ts=65&x=0"
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/gif
last-modified: Fri, 19 Jul 2024 16:36:17 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC491z3CFH9lEAwnQxc68TKanaEIzoEG3i9k3XKuLRwfowNCW9hKHgp3moKb33ECzYt20Q
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8ede05545e050981-MIA
accept-ranges: bytes
x-goog-generation: 1721406977485562
content-length: 43
server: cloudflare

GET
H2 200 px.gif
ad-delivery.net/ 43 B
494 B 145ms
45ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 204734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZvLvAdqmeJ2m0gj2%2BX4ZlVasnjMjiq4wb5RV2D0fgRXm0ytTYxPs%2BS08YEb%2BI7Q7MIteQNt1%2BYZ3N7Vt1AObfmjRI4ACSevY7%2BBEBw68MZ61sryzhgQRLTOda%2FSlZVHHFH0svnfJ1XKdxatQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 04 Dec 2024 09:30:53 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=29579&min_rtt=29374&rtt_var=6506&sent=10&recv=11&lost=0&retrans=0&sent_bytes=5159&recv_bytes=2273&delivery_rate=129669&cwnd=250&unsent_bytes=0&cid=e9cc40cd55bba47a&ts=68&x=0"
x-goog-stored-content-length: 43
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC52rEhzHieUAQq2mrrShbYGTeRPqIGtWnvUhi-1WRDcPYAqsaPDz_aQawyNV5V08ek3qVk
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ede05545cb74978-MIA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 122ms
55ms Image
image/x-icon 172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
age: 15052
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 13:22:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 13:22:32 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
1 KB 141ms
43ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7126230613609663
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 204734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrerAAN1aVAkF7jkB%2Ba9dpnVo8e3%2F0C7rIOuHqjwh%2FaBQwQ4b68xsQZdDzsZQ5cqG1kOXnnwvQas0bqtFCv%2BBEqUF8jhVqnnp6%2Btpt0vaaNf0UdqOOZMde515SHl9YsxxQCtbGWj0gijpkbJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 04 Dec 2024 09:30:53 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=29579&min_rtt=29374&rtt_var=6506&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2273&delivery_rate=129669&cwnd=250&unsent_bytes=0&cid=e9cc40cd55bba47a&ts=67&x=0"
x-goog-stored-content-length: 43
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC52rEhzHieUAQq2mrrShbYGTeRPqIGtWnvUhi-1WRDcPYAqsaPDz_aQawyNV5V08ek3qVk
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8ede05545cba4978-MIA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 topics_frame.html
ssm.codes/topics/ Frame A077 0
0 203ms
59ms Document
text/html 172.67.69.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssm.codes/topics/topics_frame.html

Requested by

Host: scripts.ssm.codes
URL: https://scripts.ssm.codes/uptodown.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.203 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 533135
alt-svc: h3=":443"; ma=86400
cache-control: public, stale-if-error=7890000, stale-while-revalidate=7890000, s-maxage=31536000, max-age=300
cf-cache-status: HIT
cf-ray: 8ede05562f2f7462-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 06 Dec 2024 17:33:24 GMT
last-modified: Thu, 04 Jul 2024 11:38:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYNJJvHQ%2B69e09OdC4fP8bOmF0ivTh6XKvUVfsyewrIE62HiFpupAlDpJzdmp1NPvpituar8hCEjLPU%2FcPb253YvEdja3mVL5DnvupPrFkXPakBtPbyCQ2kksQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfL4;desc="?proto=QUIC&rtt=30714&min_rtt=30523&rtt_var=11582&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4308&recv_bytes=4427&delivery_rate=92501&cwnd=12000&unsent_bytes=0&cid=93aee9cf10345f16&ts=160&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 252ms
88ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: scripts.ssm.codes
URL: https://scripts.ssm.codes/uptodown.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

ad191ab4a274a24f6e81576c680ac448e450f350df41d552b20647ff2d63b24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 431 / 20063 / 31089193 / config-hash: 4346704433741852975
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34112
x-xss-protection: 0
server: cafe

GET
H2 200 AGSKWxXtUkka7TCfhoV2qiTbZHIkk84xYmR9hPUkMKUWUiFyfTnEpah0nEwfa6mXVZEVNrn6wvJtJztI3KBd_GwBbL1J4MYgvxFWd9WwQ6CxjkdVR55M_gHgrvZZeq-ojIX8ykxNf2K71A== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 96ms
93ms Script
application/javascript 2607:f8b0:4004:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXtUkka7TCfhoV2qiTbZHIkk84xYmR9hPUkMKUWUiFyfTnEpah0nEwfa6mXVZEVNrn6wvJtJztI3KBd_GwBbL1J4MYgvxFWd9WwQ6CxjkdVR55M_gHgrvZZeq-ojIX8ykxNf2K71A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNTA2NDA0LDcwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iZXQzNjUuaWQudXB0b2Rvd24uY29tL2FuZHJvaWQiLG51bGwsW1s4LCJfOUVkcVY2Y0haVSJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d3d2950347d831d255a920bec3be4c52fc95ce16553cb3f223e2f2c0a2c140

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DtR95b90LOLvDqylqOv0hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4CY4esVVg4gFuLhePLqzC42gR-L-14xKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhmY6hmYxBcYAAASskGd"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DtR95b90LOLvDqylqOv0hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 172ms
65ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5175773613260800
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: application/json
vary: Origin

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 188ms
69ms Fetch
text/plain 2607:f8b0:4004:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=45je4c40v888089788za200&_p=1733506404125&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=2082567788.1733506405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733506404&sct=1&seg=0&dl=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&dt=Bet365%20untuk%20Android%20-%20Unduh%20APK%20dari%20Uptodown&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1425
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bet365.id.uptodown.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: text/plain
server: Golfe2

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 87ms
72ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=CwUtPY4Ej-TzEbpK7P8l-939d089045&w=6320147589758976&o=5175773613260800&cv=2.1.66&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&sid=9ApL6LjP-n0CIa6blB-939d089045&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5175773613260800&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:24 GMT
vary: Origin

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/ 497 KB
153 KB 63ms
62ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

708145609f66add7242410f9a591beaa5a2f258f7aba910dff1545c56eac039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 6587945458042342373
age: 2762
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 16:47:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 16:47:23 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 68ms
67ms Other
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 24
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 17:33:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:01 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 236ms
72ms Script
application/javascript 108.138.112.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: scripts.ssm.codes
URL: https://scripts.ssm.codes/uptodown.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-112-90.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"812ceba01127f3bf5aede260eaddcd29"
age: 2253
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront), 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: cox4evsDYj8SWw5_wfJYN87dJRfvY8f6OWy7bgyjqxqz1QX8Meemdg==
date: Fri, 06 Dec 2024 16:55:53 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:50:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
x-amz-server-side-encryption: AES256

GET
H3 200 DFPAudiencePixel;ord=3352812019446058;dc_seg=7386413202
pubads.g.doubleclick.net/activity;dc_iu=/78011819/ 42 B
64 B 225ms
99ms Image
image/gif 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/78011819/DFPAudiencePixel;ord=3352812019446058;dc_seg=7386413202?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Fri, 06 Dec 2024 17:33:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 662E 0
0 178ms
60ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:23:26 GMT
expires: Fri, 06 Dec 2024 18:13:26 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 173ms
85ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

1822a3b018de086aa6171e9ccfc387d0ea45ddfedb368504ba4cea9aa7bf4c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12996
date: Fri, 06 Dec 2024 17:33:25 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 157ms
33ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 1048733
x-goog-stored-content-encoding: gzip
expires: Mon, 24 Nov 2025 14:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Sun, 24 Nov 2024 14:14:32 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC7Vb-kMBR_6H_wHb6BO5ejNX66l7Hbb_uQR9SUIQ6HlM3tzrOWIXw26d2rEo4gFR556YHAmFmt4xQ
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 151ms
41ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7174-43df"
age: 56522
cf-ray: 8ede055a0ba2daf5-MIA
expires: Mon, 09 Dec 2024 17:33:25 GMT
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 179ms
56ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Sat, 07 Dec 2024 17:33:25 GMT
access-control-allow-origin: *
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 208ms
67ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 29340
via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 3I8yH_eKHHkD8tuneUlbNnzNmOnuVE3PZsJOGUwygWOclmAhw3FCGg==
date: Fri, 06 Dec 2024 09:24:26 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 248ms
169ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: 96161c00fc10ad819c09e1314f0ae5b4
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 17:54:21 GMT
server: Google Frontend
x-cloud-trace-context: 33c95040255bf1e19235705403fb8d4b

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 474ms
470ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3886399050769074&correlator=1809118398017659&eid=31086815%2C31089350%2C95347780%2C31089193%2C31089253&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fifs&iu_parts=78011819%3A1060150%2CUPTODOWN_BACKUP%2CLeaderboard_App_Info&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C970x250%7C970x90%7C728x90%7C468x60&ifi=1&didk=1986115841&sfv=1-0-40&eri=1&sc=1&lrm=20&cookie_enabled=1&abxe=1&dt=1733506405329&lmt=1733506405&adxs=452&adys=411&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&vis=1&psz=0x100&msz=0x0&fws=132&ohw=1000&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYw6ei6LkySABSAghkEhQKBW9wZW54GMKnoui5MkgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjDp6LouTJIAFICCGQSGwoMMzNhY3Jvc3MuY29tGMKnoui5MkgAUgIIZBIXCghydGJob3VzZRjDp6LouTJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733506403917&idt=1297&ppid=d27976e4-66af-45f9-aed4-ce8cc603a69b&cust_params=ssmasdomain%3Duptodown.com%26ssmasin%3D1%26ssmashour%3D17%26ssmcontenttaxonomy%3Dandroid%252Cgaya%2520hidup%252Cperjudian%252Cbet365%26ssmuuid%3Dd27976e4-66af-45f9-aed4-ce8cc603a69b&adks=1922122626&frm=20&eoidce=1&td=1&egid=34738&tan=4f5161fb-ea56-4b41-9da8-3dfad89966cc&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

53ffa06138d76a71ab237e0f23d40aaf9667792e39cc4b7b8b7eb097fd245136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 12238
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
3 KB 378ms
374ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3886399050769074&correlator=1809118398017659&eid=31086815%2C31089350%2C95347780%2C31089193%2C31089253&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fifs&iu_parts=1060150%2CMPU_lateral_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300&ifi=2&didk=3966084556&sfv=1-0-40&eri=1&sc=1&lrm=20&cookie_enabled=1&abxe=1&dt=1733506405347&lmt=1733506405&adxs=1178&adys=141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&vis=1&psz=185x100&msz=185x0&fws=132&ohw=185&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733506403917&idt=1297&ppid=d27976e4-66af-45f9-aed4-ce8cc603a69b&cust_params=ssmasdomain%3Duptodown.com%26ssmasin%3D1%26ssmashour%3D17%26ssmcontenttaxonomy%3Dandroid%252Cgaya%2520hidup%252Cperjudian%252Cbet365%26ssmuuid%3Dd27976e4-66af-45f9-aed4-ce8cc603a69b&adks=3396260059&frm=20&eoidce=1&td=1&egid=34738&tan=4f5161fb-ea56-4b41-9da8-3dfad89966cd&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

27c6ab3ec27f001abc9ad0cc0d05fed6da61d635b3e6c8469d2b64830d06401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: dcb
google-lineitem-id: 6049988864
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138395800166
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 2834
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7178 0
0 222ms
63ms Document
text/html 2607:f8b0:4004:c21::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:25 GMT
expires: Fri, 06 Dec 2024 17:33:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
3 KB 379ms
377ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3886399050769074&correlator=4202437186935678&eid=31086815%2C31089350%2C95347780%2C31089193%2C31089253&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fifs&iu_parts=1060150%2CMPU_content_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C336x280&ifi=3&didk=2053400262&sfv=1-0-40&eri=1&sc=1&lrm=20&cookie_enabled=1&abxe=1&dt=1733506405383&lmt=1733506405&adxs=152&adys=1189&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&vis=1&psz=360x100&msz=360x0&fws=132&ohw=360&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733506403917&idt=1297&ppid=d27976e4-66af-45f9-aed4-ce8cc603a69b&cust_params=ssmasdomain%3Duptodown.com%26ssmasin%3D1%26ssmashour%3D17%26ssmcontenttaxonomy%3Dandroid%252Cgaya%2520hidup%252Cperjudian%252Cbet365%26ssmuuid%3Dd27976e4-66af-45f9-aed4-ce8cc603a69b&adks=3481117125&frm=20&eoidce=1&td=1&egid=34738&tan=4f5161fb-ea56-4b41-9da8-3dfad89966ce&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

6bbe91c38dfffe5c61067ee61dbc0feaa6fdf177c9f42de28fccd57d4843b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: dcb
google-lineitem-id: 6049988864
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138396392887
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 2829
x-xss-protection: 0
server: cafe

GET
H3 200 favicon.ico
bet365.id.uptodown.com/ 15 KB
15 KB 128ms
127ms Other
image/x-icon 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bet365.id.uptodown.com/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8643d0b3c6a1d291b37e372b5413a1d82565e2b753fe42599a18a29cb6eb4368

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/android

Response headers

etag: "67346628-3c2e"
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 06 Dec 2024 17:33:25 GMT
last-modified: Wed, 13 Nov 2024 08:41:12 GMT
vary: Accept-Encoding
x-served-by: cache-mia-kmia1760052-MIA, cache-mia-kmia1760055-MIA
content-type: image/x-icon
x-frame-options: SAMEORIGIN
x-cache-hits: 0, 0
strict-transport-security: max-age=300
cache-control: public, max-age=31536000,private
x-timer: S1733506405.407791,VS0,VE91
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 15406

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&rid=esp&cc=1

85 B
193 B

72ms
65ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b749607fad10cba75d35dacf2b225f99fdfbc34f73e355823cfb85943303e943

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

etag: W/"55-ow3b8AOeLiRFJ2fGG7kc6/UYVJo"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://bet365.id.uptodown.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://bet365.id.uptodown.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Dec 2024 17:33:25 GMT
x-powered-by: Express
vary: Origin

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 212ms
62ms Script
text/javascript 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
618 B 239ms
66ms XHR
application/json 52.54.3.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.3.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-3-156.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1be566e8d94fb4137be091a26ee42f0a26253a4930c0c8344eeaf5f25dff1169

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://bet365.id.uptodown.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.11.31
server: Jetty(9.4.38.v20210224)

GET
H2 200 syncframe
gum.criteo.com/ Frame 4EDC 0
0 255ms
60ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bet365.id.uptodown.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 423854
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 adzoneright. Show response
fundingchoicesmessages.google.com/f/AGSKWxUgMB_CAGPpvJOq5VoukiNcNdIWiJY3mUnmc2Tq39r5c-5FO2B_geCZoHAf7Q5XT-Egf4KRf0X2lMy053o2aaw-RsN5avKho6915Bbc9Cl02ouBvTp6ZEGDK73DgZ-0P5x8ZorFukrSMVz2Vct-NotMN2awa... 54 B
109 B 100ms
98ms Script
application/javascript 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUgMB_CAGPpvJOq5VoukiNcNdIWiJY3mUnmc2Tq39r5c-5FO2B_geCZoHAf7Q5XT-Egf4KRf0X2lMy053o2aaw-RsN5avKho6915Bbc9Cl02ouBvTp6ZEGDK73DgZ-0P5x8ZorFukrSMVz2Vct-NotMN2awa4hKKoziO7zrMmelhPM6H-riLrttsHMy/_=admeta&/adtitle./ad1r./video.ads./adzoneright.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzSDLaO-HT6nbB3RY9t6_2n3xR0NQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

6afeb9ca6125e03530d145310e848881503f4f90b30ec655f0fcae803c64d154

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ruVomSavOgV0cISOoMR-zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj6aszu9gEDvw9sJFJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBUz8AkvsAAAA_PPlw"
content-security-policy: script-src 'report-sample' 'nonce-ruVomSavOgV0cISOoMR-zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 212ms
79ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

98e400eac1fb007ea5518f27b650c7d823d7d29314ac573de05750f8417e5df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 1879437855337339812
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53322
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWaPh10h8SUdz3UXsJo8L_mG34B3HbDMn7WCYVML21rEGPp1ka8H4-eQZ3ynpmZpGGpGP-eaXqIKaIPfV0JU_SiN2yF_OwC3lpUfqLGdSurrJbDICX6LzHrQM-fPZs8j4saSQztPA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 179ms
109ms XHR
text/html 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWaPh10h8SUdz3UXsJo8L_mG34B3HbDMn7WCYVML21rEGPp1ka8H4-eQZ3ynpmZpGGpGP-eaXqIKaIPfV0JU_SiN2yF_OwC3lpUfqLGdSurrJbDICX6LzHrQM-fPZs8j4saSQztPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BnYpyV19-XNuTFGqHTNTtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoExAxfr7ByALEQD8fTV2d2sQkcWDrvCpOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0MjDVMzCPLzAAAEMaJr4"
content-security-policy: script-src 'report-sample' 'nonce-BnYpyV19-XNuTFGqHTNTtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 177 B
441 B 582ms
463ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 4d89ad60f7f9ce004eb30b3658c6bfbdb8e30ae552105170f3f60aa96e94b9e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: application/json
x-cloud-trace-context: d300c3ba0e5a02094bb6d2a19a326cfc
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H2 200 d2c1d4de-7c69-49c2-8aec-7ee14abe5ed5 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
830 B 289ms
60ms Script
application/javascript 108.138.106.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/d2c1d4de-7c69-49c2-8aec-7ee14abe5ed5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-56.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: a575b38852221718f37085aa9e3e05cd60b48dc2c200c5a6e1467931f4ed9897

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: max-age=3600
age: 783
via: 1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: EBPZlHlcGA7QVfxzf7919GeenzTH-YWN45-H4Y9Of8YCsOiQCOlwNw==
date: Fri, 06 Dec 2024 17:20:22 GMT
content-type: application/javascript
x-amz-cf-pop: JFK50-P3
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 87ms
74ms XHR
application/json 108.138.112.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbet365.id.uptodown.com&pubid=d2c1d4de-7c69-49c2-8aec-7ee14abe5ed5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-112-90.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e6446fa66d8fa0fdd6d0cf68a5c48c690e4af5e7813f1b5e1023e16ef0aaca66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 17307
access-control-allow-credentials: true
via: 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
access-control-allow-origin: https://bet365.id.uptodown.com
x-cache: Hit from cloudfront
content-length: 2954
x-amz-cf-id: 67QSpht55t0GvSpQXncUbypFcTQRCXi7Y62qMnsq4UNBsMl-rxfdGw==
date: Fri, 06 Dec 2024 12:44:57 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: JFK50-P3
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 261ms
118ms XHR
application/javascript 108.138.112.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-112-90.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods: GET
x-cache: Miss from cloudfront
x-amz-cf-id: nSkCGjlxyHoiuEztnRevwyi5QKQiHAtWnK5Ip_88PrEpW5W2jOBaVA==
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWaPh10h8SUdz3UXsJo8L_mG34B3HbDMn7WCYVML21rEGPp1ka8H4-eQZ3ynpmZpGGpGP-eaXqIKaIPfV0JU_SiN2yF_OwC3lpUfqLGdSurrJbDICX6LzHrQM-fPZs8j4saSQztPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-29OU-y8buq89A0S_Kxa50Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBicEqfwRoExAxfr7ByALEQD8fTV2d2sQk8uHPiLZOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0MjDVMzCPLzAAAHMKJ2E"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-29OU-y8buq89A0S_Kxa50Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 693ms
56ms Script
application/javascript 23.203.179.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-179-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Fri, 06 Dec 2024 17:48:26 GMT
accept-ranges: bytes
content-length: 17407
date: Fri, 06 Dec 2024 17:33:26 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 70ms
68ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 28555
via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: XKtIXCeHEnm_T1qHMzIYvKb_GoP4XZ0isr8Xk3y3xwT8tVX83vuMWQ==
date: Fri, 06 Dec 2024 09:37:31 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 47ms
45ms Script
application/javascript 104.18.29.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7171-403e"
age: 285476
cf-ray: 8ede055beeafdaf5-MIA
expires: Mon, 09 Dec 2024 17:33:25 GMT
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 57 KB
12 KB 239ms
89ms Script
text/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&ref=&_it=amazon&partner_id=716
Requested by: Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79cf8b480060ab1061126b28fda5a1f6812a501d1aa1207d35cf370b3cc70b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"fd0945739f998360256d05cf610d72c8"
age: 4098
x-amz-request-id: 3ZCAX9RC1S9JK4D9
cf-ray: 8ede055ccb40287e-MIA
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript
last-modified: Wed, 04 Dec 2024 18:24:43 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 7AtvPdlHYuevNiNMd4gfoN7ZMYN9jb5SrX8hmdrsJNfSZFHTuzygRXjHAHFeyw+TwM1nYhUhT9Y=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 100 KB
29 KB 195ms
46ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4d852428cba0ba1a5108520745060d6e"
age: 9
expires: Fri, 06 Dec 2024 18:33:25 GMT
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
x-amz-id-2: d4OLS76MOPIUCaLk5hldvQ3f63/IJ8ENWRZFyg3AWP7txUcp11rQQNP7JwO4UibCIppSKh7Lk0ywmVV9FARYgSICyaRXdOig
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
x-amz-request-id: A5JFEQ8MT39BBTEV
cf-ray: 8ede055ccbfd6daf-MIA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame F242 0
0 177ms
53ms Document
text/html 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 16:46:29 GMT
expires: Fri, 06 Dec 2024 17:36:29 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6B11 0
0 596ms
73ms Document
text/html 142.251.167.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Koi2HKH2TnHMCgv0IyT1xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Koi2HKH2TnHMCgv0IyT1xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:26 GMT
expires: Fri, 06 Dec 2024 17:33:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 5412 0
0 598ms
44ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 454
content-type: text/html
date: Fri, 06 Dec 2024 17:33:25 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5D05 0
0 112ms
102ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0S13ky8sL1nugQ21fLpJLRAF43c_PZDfF4iIuHm7SfCWVvfQ8sf1CX49_4ynJq-jtR0wLj5Ycles6bIOxAwwQnCZD5qXksIdhdPspwfIRjdvSmf6BKibSdl9Nm4vbdtua57w_Mq1nZDor0NygP_l6hJkJpsX_D5FLIwTLsu0FotaOr-U1nZwJB-k0W3zVT6F3QzuSjZuKovCf61rKZnJqAg0zyjo4y6eeIaaNWqQTl9GlSCcC1nNeBaG23RDFIsThAHhtXXZYMvs758R-OeVHxDsA6ibVFsgBpHkAAbQfYPgPEQOQWKgXDFqFTKgyQYIBuA5H9KQUiHrdPioahRKoZkuP-wkuCRNz18pQLaxXSV58JvEM3kagkQJMCPAhbShxrSb8_xbDvlUE8YP7yuUHj1vttfHHsUtUM-ZQo4fk2zsJ2upr&sai=AMfl-YQQkDMZGw4mRGxhKCL6dVeO2Ivg_KRnyuFYv3aSqCnlzLbhQe1SS6-JzCpXFj2-AfoK6VmuZ0E-J4m8QsaS9unYeTnlZCoV5q-g7HZSUzGjOU7NWUypMkOpBHfQb-3C4jm-4bk2AA1KQv8ocQK3&sig=Cg0ArKJSzIKAnRPNc6LwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:25 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 06 Dec 2024 17:33:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5D05 106 KB
0 17ms
17ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

ad191ab4a274a24f6e81576c680ac448e450f350df41d552b20647ff2d63b24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 431 / 20063 / 31089193 / config-hash: 4346704433741852975
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34112
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5D05 218 KB
67 KB 69ms
57ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 15965780714114583650
age: 2868
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 06 Dec 2024 16:45:37 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a00003IkCTDAA3&src=aps&ver=1.14.0
https://lexicon.33across.com/v1/envelope?pid=0015a00003IkCTDAA3&src=aps&ver=1.14.0&b=1&tp=m%2Fd2sRnmO%2BtmHSsPQJKLGogPOPHy%2FZQm%2B%2FDZBvMkVhs%3D

42 B
138 B

99ms
96ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003IkCTDAA3&src=aps&ver=1.14.0&b=1&tp=m%2Fd2sRnmO%2BtmHSsPQJKLGogPOPHy%2FZQm%2B%2FDZBvMkVhs%3D
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://bet365.id.uptodown.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: application/json
vary: origin

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location: https://lexicon.33across.com/v1/envelope?pid=0015a00003IkCTDAA3&src=aps&ver=1.14.0&b=1&tp=m%2Fd2sRnmO%2BtmHSsPQJKLGogPOPHy%2FZQm%2B%2FDZBvMkVhs%3D
access-control-allow-credentials: true
referrer-policy: unsafe-url
via: 1.1 google
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://bet365.id.uptodown.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
vary: origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74FA 0
0 94ms
93ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO56iplxEntKXKWy69KiIumXAizky3GgAVWnfCS5V582UK1elqr6KpUdGMUv_zmqJpxG9vYo7cEc9JimX1HrZPxCHLmWE1_JX4Y7mqOaG_DwvCfxCoYAIK6Dd7C70ny7x2D2G4yMqAiNBe0lVcB0wY0nfQ6ftX1B_DHbEZCeD0cejGMEMdaJ3RLi6tIisTQJLCk2kQU3qnSt6VaERgJOssTwr8hEWPGBr0wd7nbQHjRKTX5KBtV24djhICLbxWsUHJ7wrTflpzypvPtiRLe6VdSx-p1fOn4tJFWQ_DvkgC0QdFDrUPTPPEf5GR86Q06pDXBu23B5sbjrpX6G71dIRASl5Blv9PXCQpTZ5Kui69aMn9yH_gZo0lMCFwyU3asgNtAGRuUM49OYv8ZgWiJmuZsttWT-NhSkJSjxGMOg_hhy0wCsB4&sai=AMfl-YRRXBomksRbWvkgIf5uOHBHijD0PMXFxnscU-5txUgzGYmcZgvvnp3pocCOVxLilINwWTn3rqVlX5mhs5mdQ-z3wK9KGsWh54qjvJqLRaxNz6nRrOBbL6galCmwA_wqH-464W-WICTP76ITnkzgdg&sig=Cg0ArKJSzC5j0MXWPPQIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: bet365.id.uptodown.com
URL: https://bet365.id.uptodown.com/android

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:25 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 06 Dec 2024 17:33:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 74FA 106 KB
0 17ms
17ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

ad191ab4a274a24f6e81576c680ac448e450f350df41d552b20647ff2d63b24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 431 / 20063 / 31089193 / config-hash: 4346704433741852975
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34112
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 74FA 218 KB
0 0ms
0ms Script
text/javascript 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 15965780714114583650
age: 2868
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:45:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 06 Dec 2024 16:45:37 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/ Frame 5D05 497 KB
0 0ms
0ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

708145609f66add7242410f9a591beaa5a2f258f7aba910dff1545c56eac039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 6587945458042342373
age: 2762
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 16:47:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 16:47:23 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/ Frame 74FA 497 KB
0 1ms
1ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

708145609f66add7242410f9a591beaa5a2f258f7aba910dff1545c56eac039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 6587945458042342373
age: 2762
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 16:47:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 16:47:23 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D05 0
0 67ms
63ms Fetch
image/gif 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74FA 0
0 80ms
63ms Fetch
image/gif 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 5D05 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 636297119e8a24826e5c14e098f5ea008f219f50da102f64c95d1e607bd6779a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74FA 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 638fe3a643beea0a7ec0b5356c152c162aa414aad8d00fcca5ec8bb52e28782b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D05 0
0 63ms
63ms Fetch
image/gif 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 container.html
a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9777 0
0 2ms
2ms Document
text/html 2607:f8b0:4004:c21::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:25 GMT
expires: Fri, 06 Dec 2024 17:33:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWaPh10h8SUdz3UXsJo8L_mG34B3HbDMn7WCYVML21rEGPp1ka8H4-eQZ3ynpmZpGGpGP-eaXqIKaIPfV0JU_SiN2yF_OwC3lpUfqLGdSurrJbDICX6LzHrQM-fPZs8j4saSQztPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-25PhQFOXH9a_exsP44FcvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBicEqfwRoExAxfr7ByALEQN8ezV2d2sQmsaH0YpuSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDI0MTPUMzOMLDAAXKyZP"
content-security-policy: script-src 'report-sample' 'nonce-25PhQFOXH9a_exsP44FcvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWaPh10h8SUdz3UXsJo8L_mG34B3HbDMn7WCYVML21rEGPp1ka8H4-eQZ3ynpmZpGGpGP-eaXqIKaIPfV0JU_SiN2yF_OwC3lpUfqLGdSurrJbDICX6LzHrQM-fPZs8j4saSQztPA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MU2-tAGQw9exB5jb9ki6Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0gDi9BmsQUDM8PUKKwcQC3FzPHt1ZhebwIEL78OUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhkYGpnoF5fIEBADQ2Jrg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MU2-tAGQw9exB5jb9ki6Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxXYAsn8zZEratTl69_kja4Ma6TJr7r3vDvn2f5NSIonMM8TJTe_haC6eX8qStihYJclpmKegIWRcKCH2tokMDq2SxtsY3DLBXqMVaxWPohk3kxg3bY510Vm_ZuUff5bism568O2XQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 121ms
120ms Script
application/javascript 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXYAsn8zZEratTl69_kja4Ma6TJr7r3vDvn2f5NSIonMM8TJTe_haC6eX8qStihYJclpmKegIWRcKCH2tokMDq2SxtsY3DLBXqMVaxWPohk3kxg3bY510Vm_ZuUff5bism568O2XQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNTA2NDA2LDEyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYmV0MzY1LmlkLnVwdG9kb3duLmNvbS9hbmRyb2lkIixudWxsLFtbOCwiXzlFZHFWNmNIWlUiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

47c630043cce5d297c4d585c87b4d586167caf94c238d08a4f21888a7eabfa38

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kFkXuMu3ftS4vIiXJB-1VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQFihq9XWDmAWIib49mrM7vYBE4c3RenpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoZGCqZ2ASX2AAAL4rQuE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kFkXuMu3ftS4vIiXJB-1VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74FA 0
0 107ms
75ms Fetch
image/gif 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 908 B
471 B 558ms
556ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3886399050769074&correlator=3766296402370675&eid=31086815%2C31089350%2C95347780%2C31089193%2C31089253&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fifs&iu_parts=78011819%3A1060150%2CUPTODOWN_BACKUP%2CSSM_INTERSTITIAL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&didk=3295046121&sfv=1-0-40&ists=1&fas=8&fsapi=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&lrm=20&cookie=ID%3D20ce3837f1c6b2ab%3AT%3D1733506405%3ART%3D1733506405%3AS%3DALNI_MaYeg1J5rViPougZgkhOFzVlbKttw&gpic=UID%3D00000fa9aa9553e2%3AT%3D1733506405%3ART%3D1733506405%3AS%3DALNI_MYxL7t6pq5b9cDbR9wA8lokHJXGSQ&abxe=1&dt=1733506406146&lmt=1733506406&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=3&tps=3&htps=10&a3p=EhoKDWNyd2RjbnRybC5uZXQSABisq6LouTJIABIdCg5lc3AuY3JpdGVvLmNvbRjDp6LouTJIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTWpkVVRrTlVhM0ZUVEdWcU1qQnlSVUZOUTFoUWR6MDlJbjA9GP-qoui5MkgAEhsKDDMzYWNyb3NzLmNvbRjCp6LouTJIAFICCGQSFwoIcnRiaG91c2UYw6ei6LkySABSAghk&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733506403917&idt=1297&ppid=d27976e4-66af-45f9-aed4-ce8cc603a69b&cust_params=ssmasdomain%3Duptodown.com%26ssmasin%3D1%26ssmashour%3D17%26ssmcontenttaxonomy%3Dandroid%252Cgaya%2520hidup%252Cperjudian%252Cbet365%26ssmuuid%3Dd27976e4-66af-45f9-aed4-ce8cc603a69b%26amznbid%3D0%26amznp%3D0&adks=241863825&frm=20&eo_id_str=ID%3Df02ba07fdb7e9ac9%3AT%3D1733506405%3ART%3D1733506405%3AS%3DAA-AfjY-4qoQtK7mMdNiEgwKQm2C&td=1&egid=34738&tan=4f5161fb-ea56-4b41-9da8-3dfad89966cf&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

3a4205e1f38d8ca0ac0f2c40283850dc4e19ed9e68ce72ab9952f81038a3dd02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 441
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/ 49 KB
15 KB 76ms
75ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl_page_level_ads.js?cb=31089193

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

7c87e4021dd37e0942d8224a0eea1e44d0b2901220e55675a3ad86dd6bbcb9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
etag: 4711729110921537043
age: 77155
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 20:07:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 05 Dec 2024 20:07:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15827
x-xss-protection: 0
server: cafe

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 122 B
281 B 106ms
98ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=716&sync=0&domain=bet365.id.uptodown.com&url=https://bet365.id.uptodown.com/android&v=06
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&ref=&_it=amazon&partner_id=716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421dff8925a631748c525fb528048dd8fc63e73d5622bb0cababbebf7373ab6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8ede0560bcc15c63-MIA
access-control-allow-origin: *
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 329ms
86ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=716&sync=0&domain=bet365.id.uptodown.com&url=https://bet365.id.uptodown.com/android&v=06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bet365.id.uptodown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8ede05601bba5c63-MIA
content-length: 0
content-type: application/json
date: Fri, 06 Dec 2024 17:33:26 GMT
debug: OPTIONS block
expires: Sat, 06 Dec 2025 17:33:26 GMT
server: cloudflare

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5D05 0
0 101ms
100ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQIfJN_onzoOGKZAOFLQuCtOpy50dKUK0sH9Hor9nIhYn_HI_r0hbnZfdDxMzVk56pDlmRRbKe4nAqzRU_TBSipu2-jmc-iFbig5Jrw-nTnK3Ah3KZ1CrYxb0ZwGfdrqlSErFSxq0IfvnYuxasF1voJT2cweYFhMVYFxi9CNzKhjod7S7nqFuf_c957UbU51URceVZ_emxLP2JR19zsi3TUEsaJqI3Z2esL3TzA84UY-Rd41onY6tw6-UH04YBm7ZMXkzqMOznG0Os0841c8Fe-P6f9MiWdLuH6wtfcKkvlR2Ld5z2_1axThNC6FNVuXjCMpunkiTGlcVyaUE-vZq9Of9du2v0adYp8OJpPX_mutN7yjrLi_1g78QTlHkbUgQY224XWj7YkdJSXbkwxdl-AEYpjKFpWJrrXK24ihJf2RxAM1ZVT_Y&sai=AMfl-YR7icjdmGz-i0VN8mU815N465DeHdgaGBJ9Y-yAJGpqQ2RCYyOh-39aUJkob0HJsKq3DHLN6I5BgH-NMqpRA5Ir_LZNaO2RNB2QuC1V17vZ6hJTYptGwibSfvBLufrCqwvgM2hiLZn0OXQL7M61&sig=Cg0ArKJSzPWZn73Mm5upEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:26 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74FA 0
0 96ms
93ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq858xmSffdSuVrLCVl4IjPli5Jjs_Rfh6HtNZcHOqTMZGIm7gvGO25HyHnXV8K9pHkIgW11Ok26UneqoGAN873pBJgIiZFa6ChOXSu_c7dLaj60Tq9I_5feMkAhXtMdmBj3g06ZxFTxfllFsGmuosnJVuEPmjW5jHCnmhdx4qCY17qJ9tBUdNPN2b3IwNioL0YewpEtW99Y5LNFA0LZfKe1TQaAKGfpvdjRiWyOgcIPzH4VDDbgInn-GHG32ew3A1H73J2_FFRBH8PPk1ojbDLzmY2Ol8YWyfo3OQ37ZozjpPECoEclM3lqRUmjHBxEB4Blzixy4dqAMVDI5YxDFkHix4Qy-c7-P4whU2BVgzmrDtqdLxR_PyQwlAE_cDYKo28muq47szJyNiX4LuFsOIuCqR3qSFK9kmIl4G-bTnAyVzZTRWt20&sai=AMfl-YSuqpKo0pH3l0qDTxHliOZPFuFWvAYc10RtM6maSXouEp8_VR8fh8nWFxvO9M_rxlltwmhxjRU-fw9gfK-2AEQ_x8v3-DMrs7p66nxpnqJOCRaQaA__iMaYtEiO_L70Ng6BrnDVB3j4S6mqjG9odg&sig=Cg0ArKJSzK8wne6nHI-KEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:26 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 0082 0
0 3ms
2ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:23:26 GMT
expires: Fri, 06 Dec 2024 18:13:26 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 5D05 17 KB
13 KB 115ms
110ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

ba775cf8e9e967d8e5dc44939dc8f627bce16bdd83a2598a91a97c7e5075396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13234
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5D05 51 KB
13 KB 625ms
602ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548609009221467&correlator=2320786866437684&eid=31089251%2C31085777%2C31089193&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fif&iu_parts=78011819%3A1060150%2CUPTODOWN_UPR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=1761823602&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D20ce3837f1c6b2ab%3AT%3D1733506405%3ART%3D1733506405%3AS%3DALNI_MaYeg1J5rViPougZgkhOFzVlbKttw&gpic=UID%3D00000fa9aa9553e2%3AT%3D1733506405%3ART%3D1733506405%3AS%3DALNI_MYxL7t6pq5b9cDbR9wA8lokHJXGSQ&abxe=1&dt=1733506406441&adxs=1178&adys=141&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=b5gmey71tde2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&top=bet365.id.uptodown.com&vis=1&psz=300x250&msz=300x-1&fws=256&ohw=0&topics=9&tps=9&htps=10&a3p=EhoKDWNyd2RjbnRybC5uZXQSABisq6LouTJIABIdCg5lc3AuY3JpdGVvLmNvbRjDp6LouTJIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTWpkVVRrTlVhM0ZUVEdWcU1qQnlSVUZOUTFoUWR6MDlJbjA9GP-qoui5MkgAEhsKDDMzYWNyb3NzLmNvbRjCp6LouTJIAFICCGQSFwoIcnRiaG91c2UYw6ei6LkySABSAghk&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733506405816&idt=381&adks=357935417&frm=23&eo_id_str=ID%3Df02ba07fdb7e9ac9%3AT%3D1733506405%3ART%3D1733506405%3AS%3DAA-AfjY-4qoQtK7mMdNiEgwKQm2C&td=1&egid=34210&tan=3d67def1-ceec-4e15-87e0-29824daeaf27&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

3fdcacafa01f13d2c72f912178f174b911961f797ddcf71437d0d46e2a801ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 12974
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C731 0
0 639ms
81ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:27 GMT
expires: Fri, 06 Dec 2024 17:33:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxWZXLq05fMsHTNqYkI7bDNonaoSnWWS8jV5tLYKcwBI4mqGkWesGmLVd11N3XeFedhSqQK5AAAopkK7zjnU0NhFI7Aixxm6NcHVcldGidpLFlicqMKwevcbepQqzapliVDiA6PQFg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 115ms
105ms XHR
text/html 142.251.35.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWZXLq05fMsHTNqYkI7bDNonaoSnWWS8jV5tLYKcwBI4mqGkWesGmLVd11N3XeFedhSqQK5AAAopkK7zjnU0NhFI7Aixxm6NcHVcldGidpLFlicqMKwevcbepQqzapliVDiA6PQFg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mwJMaG5lnUCJTf9dl7OHpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:26 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBicEqfwRoExAxfr7ByALEQD8ezV2d2sQlcWLe0jUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAADukJp0"
content-security-policy: script-src 'report-sample' 'nonce-mwJMaG5lnUCJTf9dl7OHpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6086 0
0 8ms
8ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:23:26 GMT
expires: Fri, 06 Dec 2024 18:13:26 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 74FA 17 KB
13 KB 132ms
109ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0f28459bab632d4a20f27f6a064dbde0ea813656abe628b38483892c489bf680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13178
date: Fri, 06 Dec 2024 17:33:26 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 74FA 30 KB
3 KB 475ms
474ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392802479711468&correlator=717624138756775&eid=31089318%2C31085776%2C31089193&output=ldjh&gdfp_req=1&vrg=202412030201&ptt=17&impl=fif&iu_parts=78011819%3A1060150%2CUPTODOWN_UPR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&didk=1746132952&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D20ce3837f1c6b2ab%3AT%3D1733506405%3ART%3D1733506405%3AS%3DALNI_MaYeg1J5rViPougZgkhOFzVlbKttw&gpic=UID%3D00000fa9aa9553e2%3AT%3D1733506405%3ART%3D1733506405%3AS%3DALNI_MYxL7t6pq5b9cDbR9wA8lokHJXGSQ&abxe=1&dt=1733506406542&adxs=152&adys=1339&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=prchdt6bib51&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&top=bet365.id.uptodown.com&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&topics=9&tps=9&htps=10&a3p=EhoKDWNyd2RjbnRybC5uZXQSABisq6LouTJIABIdCg5lc3AuY3JpdGVvLmNvbRjDp6LouTJIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTWpkVVRrTlVhM0ZUVEdWcU1qQnlSVUZOUTFoUWR6MDlJbjA9GP-qoui5MkgAEhsKDDMzYWNyb3NzLmNvbRjCp6LouTJIAFICCGQSFwoIcnRiaG91c2UYw6ei6LkySABSAghk&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733506405924&idt=323&adks=1972524403&frm=23&eo_id_str=ID%3Df02ba07fdb7e9ac9%3AT%3D1733506405%3ART%3D1733506405%3AS%3DAA-AfjY-4qoQtK7mMdNiEgwKQm2C&td=1&egid=34210&tan=2ca83c8c-fffe-42a7-98ad-50f6c8bdaec2&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e9d8b1c81f56267377103f2e17caf686d31f5c213346f840b8ed8e66a957f9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: dcb
google-lineitem-id: 6765155689
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138484998005
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://bet365.id.uptodown.com
content-length: 3111
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1146 0
0 689ms
173ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:27 GMT
expires: Fri, 06 Dec 2024 17:33:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 109ms
98ms Fetch
text/html 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bet365.id.uptodown.com/

Response headers

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 5D05 18 KB
0 212ms
62ms Script
text/javascript 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 716 Show response
a.ad.gt/api/v1/u/matches/ 9 KB
5 KB 541ms
60ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/716?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&ref=&_it=amazon&partner_id=716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e12c031641c917e689ed8cde10ac305cc394bbbd08f51ffabef5e222eef400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 149
cross-origin-resource-policy: cross-origin
cf-ray: 8ede05648adb961a-MIA
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 17:30:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame C11F 0
0 9ms
8ms Document
text/html 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 16:46:29 GMT
expires: Fri, 06 Dec 2024 17:36:29 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 1BD1 0
0 29ms
29ms Document
text/html 142.251.167.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Koi2HKH2TnHMCgv0IyT1xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Koi2HKH2TnHMCgv0IyT1xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:26 GMT
expires: Fri, 06 Dec 2024 17:33:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 74FA 18 KB
0 212ms
62ms Script
text/javascript 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 06 Dec 2024 17:33:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:25 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 070E 0
0 26ms
26ms Document
text/html 2607:f8b0:4004:c0b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 16:46:29 GMT
expires: Fri, 06 Dec 2024 17:36:29 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 467F 0
0 22ms
22ms Document
text/html 142.251.167.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f105.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Koi2HKH2TnHMCgv0IyT1xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Koi2HKH2TnHMCgv0IyT1xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:26 GMT
expires: Fri, 06 Dec 2024 17:33:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ Frame 5D05 63 KB
0 10ms
10ms Other
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 24
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 17:33:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:01 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ Frame 74FA 63 KB
0 44ms
43ms Other
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 24
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 17:33:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Dec 2024 17:33:01 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
459 B 539ms
173ms Fetch
text/plain 162.19.138.116
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://bet365.id.uptodown.com
p3p: CP="CAO PSA OUR"
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
294 B 537ms
164ms Fetch
application/json 162.19.138.120
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

97d7778bfe93415c98cb278f6be25b069ffedd42c8a2f0f4b47004969608b9ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://bet365.id.uptodown.com
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 container.html
d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 048F 0
0 167ms
166ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:27 GMT
expires: Fri, 06 Dec 2024 17:33:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E98 0
0 1ms
1ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030201/pubads_impl.js?cb=31089193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Dec 2024 17:33:27 GMT
expires: Fri, 06 Dec 2024 17:33:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D05 42 B
65 B 113ms
79ms Fetch
image/gif 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm3Lwv2RGGRiIL_iC7TilA4FC80AXdvcr8Mj-8JQn9umU0IyyMHP-pIXr7f0677-uXQI1RKD-uFundSUHsCOTEm5VlB24QPcGCqVCa5Z0iwbKC0F01v-wfDOJgZ6dob8LrIaBqzNjd4DvmZ-7VmeAC0JB5KbRc7L1fOYDMQh36cb3jT3zOsonV3o6Hxl5RF0zJkQ&sig=Cg0ArKJSzGbkeZOU99Y2EAE&id=lidar2&mcvt=1000&p=141,1178,391,1478&tm=1275.599998474121&tu=276.0999984741211&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3396260059&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2943920600&rst=1733506405816&rpt=482&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 06 Dec 2024 17:33:27 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 234ms
133ms XHR
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

036b1b2613b35796287d62636ae426621725d185ee3230defdd5cc95e818005d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://bet365.id.uptodown.com
p3p: CP="CAO PSA OUR"
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: application/json
vary: Origin

GET
H2 200 716 Show response
p.ad.gt/api/v1/p/ 40 KB
14 KB 167ms
48ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/716
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/716?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59fd3ee79e4aef065ab1a7eec346d71d92913b163d6677565e472db0ace0e46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 78
cf-ray: 8ede05671fd3da67-MIA
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: application/javascript
vary: accept-encoding
server: cloudflare
last-modified: Fri, 06 Dec 2024 17:25:32 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
170 B 255ms
144ms Image
image/gif 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&halo_id=060ixe9ju6a65kihgfc676faj6hbef6ekceuom6wi0e0yyusqoi020oew0sgmo0my
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede05671e613360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 ip_match
ids4.ad.gt/api/v1/ 0
191 B 580ms
113ms Image
text/html 52.32.35.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001733506407-4CR55FV3-45F2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.35.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-35-154.us-west-2.compute.amazonaws.com
Software: timberwolf /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-length: 0
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: text/html; charset=utf-8
server: timberwolf

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733506407-4CR55FV3-45F2&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001733506407-4CR55FV3-45F2%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733506407-4CR55FV3-45F2&adnxs_id=5426684606420545233&gdpr=0

43 B
95 B

135ms
134ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733506407-4CR55FV3-45F2&adnxs_id=5426684606420545233&gdpr=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede0568783d3360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733506407-4CR55FV3-45F2&adnxs_id=5426684606420545233&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.71; 38.132.118.71; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 993126e4-fc00-437e-8fb1-210cea769a23
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 06 Dec 2024 17:33:27 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2%26auid%3DAU...
https://ids.ad.gt/api/v1/openx?openx_id=2158eb35-1921-48bc-aaf6-967c73986bc6&id=AU1D-0100-001733506407-4CR55FV3-45F2&auid=AU1D-0100-001733506407-4CR55FV3-45F2

43 B
95 B

138ms
135ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=2158eb35-1921-48bc-aaf6-967c73986bc6&id=AU1D-0100-001733506407-4CR55FV3-45F2&auid=AU1D-0100-001733506407-4CR55FV3-45F2
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede0567df733360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/openx?openx_id=2158eb35-1921-48bc-aaf6-967c73986bc6&id=AU1D-0100-001733506407-4CR55FV3-45F2&auid=AU1D-0100-001733506407-4CR55FV3-45F2
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2
https://ids.ad.gt/api/v1/pbm_match?pbm=3EC3B8BC-C43B-43D7-943A-84F859E252FA&id=AU1D-0100-001733506407-4CR55FV3-45F2

43 B
95 B

148ms
147ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=3EC3B8BC-C43B-43D7-943A-84F859E252FA&id=AU1D-0100-001733506407-4CR55FV3-45F2
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede05684ff23360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/pbm_match?pbm=3EC3B8BC-C43B-43D7-943A-84F859E252FA&id=AU1D-0100-001733506407-4CR55FV3-45F2
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 06 Dec 2024 17:33:27 GMT
server: nginx

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 216ms
58ms Image
text/plain 69.173.146.5
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001733506407-4CR55FV3-45F2&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 2e31b23176a0c93349f5f5f1dd9d9284
Pragma: no-cache

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001733506407-4CR55FV3-45F2&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=7373f5e4-6be5-4827-97e3-c8b0a9cfc86c&id=AU1D-0100-001733506407-4CR55FV3-45F2

43 B
95 B

137ms
134ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=7373f5e4-6be5-4827-97e3-c8b0a9cfc86c&id=AU1D-0100-001733506407-4CR55FV3-45F2
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede0567df743360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=7373f5e4-6be5-4827-97e3-c8b0a9cfc86c&id=AU1D-0100-001733506407-4CR55FV3-45F2
content-length: 259
date: Fri, 06 Dec 2024 17:33:27 GMT
server: Kestrel

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001733506407-4CR55FV3-45F2&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733506407...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001733506407-4CR55FV3-45F2&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7373f5e4-6be5-4827-97e3-c8b0a9cfc86c&ttd_puid=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&tapad_id=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad

43 B
95 B

138ms
138ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&tapad_id=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede0568987a3360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&tapad_id=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Fri, 06 Dec 2024 17:33:27 GMT
server: Jetty(11.0.13)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 191ms
62ms Image
image/png 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001733506407-4CR55FV3-45F2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 06 Dec 2024 17:33:27 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001733506407-4CR55FV3-45F2
https://ids.ad.gt/api/v1/amo_match?turn_id=2987853030513172148&id=AU1D-0100-001733506407-4CR55FV3-45F2

43 B
95 B

159ms
157ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=2987853030513172148&id=AU1D-0100-001733506407-4CR55FV3-45F2
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede056a0abd3360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:28 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://ids.ad.gt/api/v1/amo_match?turn_id=2987853030513172148&id=AU1D-0100-001733506407-4CR55FV3-45F2
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Fri, 06 Dec 2024 17:33:28 GMT

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&uid=e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05&gdpr=0

43 B
118 B

148ms
147ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&uid=e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05&gdpr=0
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede0569faa33360-MIA
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:28 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733506407-4CR55FV3-45F2&uid=e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 06 Dec 2024 17:33:27 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-114
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001733506407-4CR55FV3-45F2
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzUwNjQwNy00Q1I1NUZWMy00NUYy

170 B
232 B

64ms
62ms

Image
image/png

142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzUwNjQwNy00Q1I1NUZWMy00NUYy

Protocol

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 06 Dec 2024 17:33:27 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cf-ray: 8ede0567bf433360-MIA
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzUwNjQwNy00Q1I1NUZWMy00NUYy
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: text/html; charset=utf-8
vary: accept-encoding
server: cloudflare

GET
H2

200

9.gif
id5-sync.com/c/492/1241/0/
Redirect Chain

https://id5-sync.com/i/492/8.gif?o=api&id5id=ID5*JN9R9MGGquSWCYrgM6G-XbSeza8BysHN6eSnZB9CDGbf_9Cwa-yWeiOd4Yt_xoty&gdpr_consent=undefined&gdpr=false
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-a7ffhG6ddtPhvXJ2SYnP8Xb6PUQi9l-sDJD2Wqo79A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F492%2F124%2F7%2F2.gif%3Fpuid%3...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-a7ffhG6ddtPhvXJ2SYnP8Xb6PUQi9l-sDJD2Wqo79A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F492%2F124%2F7%2F2.gif%3F...
https://id5-sync.com/cq/492/124/7/2.gif?puid=6fcda006-d7a7-46cd-9462-3e2268509a53&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F434%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/492/434/6/3.gif?puid=e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F203%2F5%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/492/203/5/4.gif?puid=271c225d-6f57-43aa-96a3-8ce17d666e63&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/492/108/4/5.gif?puid=2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/492/796/3/6.gif?puid=0eb33901-5ec7-4a79-a543-923b48a1129e&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?puid=AAD6hE7OpmsAABaEiMl_Ag&id5AccountNum=155&numCascadesAllowed=9
https://ib.adnxs.com/getuid?https://id5-sync.com/c/492/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/492/2/1/8.gif?puid=5426684606420545233&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=85&3pid=AAD6hE7OpmsAABaEiMl_Ag&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F1241%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
https://ce.lijit.com/merge?pid=85&3pid=AAD6hE7OpmsAABaEiMl_Ag&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F492%2F1241%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/492/1241/0/9.gif?puid=JyY9ARZHFDeTvjBnTxWIctmw&gdpr=0&gdpr_consent=

43 B
1 KB

139ms
139ms

Image
image/gif

162.19.138.116
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/492/1241/0/9.gif?puid=JyY9ARZHFDeTvjBnTxWIctmw&gdpr=0&gdpr_consent=

Protocol

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Fri, 06 Dec 2024 17:33:29 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location: https://id5-sync.com/c/492/1241/0/9.gif?puid=JyY9ARZHFDeTvjBnTxWIctmw&gdpr=0&gdpr_consent=
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 06 Dec 2024 17:33:30 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
95 KB 75ms
68ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6edea1b671b8419801ac28e1a1bfc87e350a3dc0a7d979f4746b24b94d65b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 06 Dec 2024 17:33:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97093
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
98 B 146ms
139ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede05679ec3961a-MIA
access-control-allow-origin: https://bet365.id.uptodown.com
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:27 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 419ms
144ms Script
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=c2b93d0fcaaacbc9e96e49a89f96efd1&url=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede0569897c8dd3-MIA
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:28 GMT
server: cloudflare

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 335 B
240 B 145ms
143ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bbb07c9b3963ef42fdba2de10bdb857f341827df79dd0a6785f49343c347aeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://bet365.id.uptodown.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8ede056a5c1a3dd7-MIA
access-control-allow-origin: *
date: Fri, 06 Dec 2024 17:33:28 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 441ms
131ms Preflight 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bet365.id.uptodown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8ede05698af03dd7-MIA
date: Fri, 06 Dec 2024 17:33:28 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ Frame 5D05 0
0

GET sodar
ep1.adtrafficquality.google/pagead/ Frame 74FA 0
0

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame AEA7 0
0 293ms
51ms Document
text/html 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://bet365.id.uptodown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 210
apigw-requestid: CYQwqhKrPHcESYg=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8ede056cdd2e21c7-MIA
content-encoding: br
content-type: text/html
date: Fri, 06 Dec 2024 17:33:28 GMT
last-modified: Fri, 06 Dec 2024 17:03:38 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 136ms
133ms XHR
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/716
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://bet365.id.uptodown.com/

Response headers

cf-ray: 8ede056f8f3c74ca-MIA
access-control-allow-origin: https://bet365.id.uptodown.com
cf-cache-status: DYNAMIC
date: Fri, 06 Dec 2024 17:33:28 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 230ms
164ms Preflight
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bet365.id.uptodown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://bet365.id.uptodown.com
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 8ede056e7d8374ca-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 06 Dec 2024 17:33:28 GMT
server: cloudflare
vary: Origin

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 65ms
63ms Fetch
text/plain 2607:f8b0:4004:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=45je4c40v888089788za200&_p=1733506404125&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&gdid=dMmY1Mm&cid=2082567788.1733506405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1733506404&sct=1&seg=0&dl=https%3A%2F%2Fbet365.id.uptodown.com%2Fandroid&dt=Bet365%20untuk%20Android%20-%20Unduh%20APK%20dari%20Uptodown&_s=2&tfd=7490
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bet365.id.uptodown.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bet365.id.uptodown.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 17:33:30 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030201&jk=3886399050769074&bg=!8fKl8r3NAAaIaF9IqGg7ADQBe5WfOKTGydBLzJu4YHaKDBNw8fdtyafpj_aHnerrHIg2CGDtcLrpdE4qIz2rXhgufoYJAgAAAb1SAAAABWgBB34ANh1-4HhjOASvVZfIQRI34l-0ffMkfFuE7YjCuiJf3HuMr0mS1L2LSuFIjwWXXF-35yhhiRYOOwoAJyiY0Sbp4gAa8zdxp_mNPpCUmXUXCqk2Ne-JT8_1CfkH03qWnUhT75kCoP39MdhwngHXT-1nhmdq8ipZ7GEH1hMSIWLNiSeLBydP9luPC1kNS2XJbU9NkYGObcJxHhkjyWf3gG1XdymhFZIPTrKyv5sa9MGjZhxiirWKmakaLrP4KBiR4iTWBd-FTdlw6MeIhGRvy6lu5rg4cMVMAz6KVWAzAXZdaoww7-9yR6_xMmYnZLxxu51mEO6axargnRs5YKGBB9nYF4397wFDSwftvkXNkEzHuwEibW5EN6DJCsXDvZmGxkuLLOCnT77GMWQQIf8c0X720qr-OzVkIpXLSMcCeWww1cxCWiZlg5vrfuDUioSYeNkh6g9ZHBpnIvktqT91x8IeuJ-E8eBXipbIMnHk1Qj-saLyzfYlMLwbzuG3iWYwWoajNc_56bWqSTFD5VtGaymkqZ9ko7iSZOOIDEZzND5A6ImHoZ9HCFF4m9RRAfkhHGqh-vyUQbQnfodm5c2AhTppYpTJRBj9XV6n4XpI8TYbbWRJaNcsNkmtiw7yrcpeQuVwH9p3lc9-uy3u8UJkZRaLkcMGTHE_5tYLmQOcUdJ-owTwKQmwTNvkvGB_3msE9-PYW64Z7JLrrWR6wWEEJ9_EvsFLyYmZxakXq8I5wHYFMz5FJkZWpstTnpFLGGJl6HxlzjcLB0slqUj44ET17gJ9yjEKOqOei_qD64T74UpmlK21aTLHxru-P9Q5Ubink_ZVBIw8mAmgp_W3XSdHHTu1gQvkb5DLy4KlLjDWHdC19wfgC6X-DerYPO5lLfbvnNfP9HgqcZwnyQG38ktbg-XNzu12TceZFmCORTekdVJjpMEeC9OUvd_piMKAiTK24hcxtNQZGGYIewBSI3gwbV_ohevneCf8x0zHcSAk6XJrIq6e1q5p8MQq4iFygaSqMNWQjUtvlA

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030201&jk=548609009221467&bg=!SUqlSgXNAAaIaF9IqGg7ADQBe5WfOKkhxTQCSBAYKdoueo9ZSHO_ENJ_yKiCCPOXUp04Vx1ME33I77VXpoIBmNVKZepkAgAAAOBSAAAABWgBB34ANsPqkTR-MtBHK-xh_KEEDIa0OYbgYYEiV8QcqhIh2EXOH3FhgY6IhftkhvoJv9GsIOw1TFXUoZkCvctd2YY9JuGjuaPB8XDj-1hEU-nHYJP7KDH_TblD097kulTkJW-SQiq7x2KC9huNINsZvpc_6Szax3Sk_pRmRKgcXHpFPA2iPenpoBBZ5k6n_AOorN2Vjh1UFMtfl2LGh4NvsdQgmnpu7s5l2X_QwsPYIwtLc8arLNa_CyuUiYwjHRpJr_KPZO9-_TXIYIAFzUyiTYgMrL7AukAoiYQXKBlKcQbIzvGBZYZTDN3CxTiRqiI-2slOS4HNMpiJ91haXlNbJPVBxohbZYGWLTjEPmjA7jcSVkx4hDmHA_Osaz9WGsgduzwzurc7jnIjqobN7jOfh3h0VHKCVZK1eNenmNW2a9GASjAzsXaS4NG0dp55nF_7Vu_WbVHQhCJfMb_Cg9-cU0q1cJ4mUhJcr5sdB9T_l2yqB3IRacZ2mug4LUBt16d5Kxb2DsiIwQL3g1DmDAGmqNq4Kxm0Z_dSbApEA0KRTR3dl9_aA6_NAg2pFgEUbGI4puLfRW4pddZItqUXI7upM8rC8xg9kcH3vNmK6o_WnWYYW6Ryq8oGqUEATb3U1Ckv-LKMZ90IfIT_7IWJZ5Y3NaOULjqO9yfJ_y-Pl6ll0qS-oUuMQWuuPGszU09MfA_oOAlg1ZqcCe5LLuvByxnPMsOqorEkCT3mf0DPyiz_vflDI27cmZgzHKnldum8UCIn70x1mW2Kh1eHsjXmNoAmsbBbWPrT71ldOzLEaG-goPHGE4NehwHxYj7KnVb9iVEu8_Uo5rMdKZ4OPwiuT7qONBpA8YIaYQZIYsT25Grc52WLDoUCw7sTfiWkHGR_AMRGgrtbCo7MWZGV4rUDxCCt3bZbOMIbfMAEJLz_n0JPxzBtZKkjb2d5o8BbZEhN127xxRWJSiLNQy7xTxixDWPkY9IYzdZed-WFNq-HyxYe12cO3NWegGjzL8rw

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030201&jk=1392802479711468&bg=!cHOlczzNAAaIaF9IqGg7ADQBe5WfON6H95LnqheG4y0P-6Kyyfu2J5evvJvHHbup1q589V2sxxNMryecAGHC3RQ74UG5AgAAAOhSAAAABGgBB34ANihX0JlPP2BGKUS17McdFKxgCruM5PT6vKnXl6-kBEmyJERgiPKIP-9ce89Pz7Z1sHZ27ccxxAoAS9kxKufh1J7uRV_ke_3lhr4AGiVIUe6vMCljPqTmKdiQbEGh3WverkgBBWDYiP3trrHmfCIN65zywAzg-oVNBxx3Ba2OXhE7k2w73JkCtroyCx2uJRXo2w0w1g8wwDvkgDktwIcr1CupjmDEh5RKeW-OteWntRqSIzMAe4GdxcnPf3ql67qvJbKHkcdinWreCxXTZoXhv-xaAVjOt3tYG5APP33dRmLQKCKcf96RZKhqlfQEIkD1Cz9RVU_UQXCCp_AWPORU_35pU80bLfVyr3uHoUq7-GrZYi0hEw9ICIZjFFJcxtMADSNhyytOgdShc0Or-gKnkGsS0ZLd9TIt4_OrPCeNNgvTUXt4jCLmWgvuA5yVR0Pum9KQQROdP6cLvBjZJgZ5YwZfWkTDHtNTR_FB3HvXM7iUYz6jyB0UfLesZvIDzCB2WGnruvLFkTER-u3_gVSqDsLcB53N3zoW6CTv7apxaFYzJtw4_LL-_0est7Hvyj0EzgPD-I552PdvweMHHfH8OqAL1WqOhNpqrY7o4MuENfyD6gF3_dDstDlNVIBD9-Nj5m7F5D3Ld6UxDbRTztkLJFfG-6wwLVyUb6lIwWtC34a_EdZv4PmsjTfe3BXFGR8wh6ApUeOwUnfIe0FptllGA_-ZKgdp1Lb8mQGUO8UZEUddN0uBqPA8HfdbsvkdLCDd3S6jHIxwtxEyl7Qc_fGhynUkRYLtB9RIOBJMqnriU5rDEeFBNWQ6klt2mRKkt7IlR_RDkK0SJ117jCW-iM306bq_qqOMIsPRXdipl9NY3rilwyd7TYeZgg2P80rUdntqcs7ZuWDiNGUWeD94LAYtcG8sydXn0SlvispQQcEbpoBM9raWLTFU5R_NfIYCesU9ggGNt66aQ1Q6Pi-UOFPq0gH4X-Bd36R8UhoOb98FMNtDSabZyK3c8Vy-ZHIaG6_SlNICgQ2GY0Cx1dlao46xn5x6wEWv5U95jmGnYxxvhCWTOy1vrT9XBzzK6Sk5B9QEjqp-W8qqiJ_d49Lc1mQ

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uptodown.com/	1970-01-21 10:57:41	Name: _pk_id.2.866e Value: 72dc664a988543ab.1733506404.
.uptodown.com/	1970-01-21 01:31:48	Name: _pk_ses.2.866e Value: 1
.uptodown.com/	1970-01-21 11:07:46	Name: _ga Value: GA1.1.2082567788.1733506405
.openx.net/	1970-01-21 10:17:22	Name: i Value: dbb4cd09-392a-48b7-a3db-4ac400c0973f\|1733506405
.crwdcntrl.net/	1970-01-21 08:00:32	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:00:32	Name: _cc_id Value: 6cced5ff6d9922cd514a78a84cfaf68f
.uptodown.com/	1970-01-21 01:31:46	Name: lotame_domain_check Value: uptodown.com
.uptodown.com/	1970-01-21 08:00:34	Name: _cc_id Value: 6cced5ff6d9922cd514a78a84cfaf68f
.uptodown.com/	1970-01-21 01:33:12	Name: panoramaId_expiry Value: 1733592805755
.criteo.com/	1970-01-21 10:53:22	Name: uid Value: 271c225d-6f57-43aa-96a3-8ce17d666e63
.criteo.com/	1970-01-21 10:53:22	Name: receive-cookie-deprecation Value: 1
.uptodown.com/	1970-01-21 10:53:22	Name: __gads Value: ID=20ce3837f1c6b2ab:T=1733506405:RT=1733506405:S=ALNI_MaYeg1J5rViPougZgkhOFzVlbKttw
.uptodown.com/	1970-01-21 10:53:22	Name: __gpi Value: UID=00000fa9aa9553e2:T=1733506405:RT=1733506405:S=ALNI_MYxL7t6pq5b9cDbR9wA8lokHJXGSQ
.uptodown.com/	1970-01-21 05:50:58	Name: __eoi Value: ID=f02ba07fdb7e9ac9:T=1733506405:RT=1733506405:S=AA-AfjY-4qoQtK7mMdNiEgwKQm2C
.doubleclick.net/	1970-01-21 11:07:46	Name: IDE Value: AHWqTUl0BKnWGpypP-KMbUd02EFrsgOH2HcED2LWdIeJzwezdMpFTTKwhvomIdxFv4U
.uptodown.com/	1970-01-21 11:07:46	Name: _ga_DW5XRK7GYT Value: GS1.1.1733506404.1.0.1733506406.0.0.0
.openx.net/	1970-01-21 01:53:22	Name: pd Value: v2\|1733506406\|vMgavPkWgy
.33across.com/	1970-01-21 10:17:22	Name: check Value: true
.uptodown.com/	1970-01-21 10:17:22	Name: FCNEC Value: %5B%5B%22AKsRol8Lli9rWEdnWu7gnGNXqg2-pqQYRodo_cEeCYATuhn4te5N3PpeGMBXlSffq2ssyT4dFp6E1lgx5bvnTLRitXrfDZR6ntcxAdZ0tg9-eNrWLRppgGE3Mbv6HMkV-QG047XdfWd70_os4DcCyTA-3q-FpXvekw%3D%3D%22%5D%5D
.uptodown.com/	1970-01-21 10:53:22	Name: cto_bundle Value: Yprjl19FblR3YWhvRnpab21tNTNaOFVPJTJGSnlIR1lBJTJGaWZIM2NCS25YekVQbzRBb2QzbFhWMlBsVlFXbXN2OVlxZERCRiUyQldWZzJXRjJRejI5QmNvM3kxcDBDUHdjeGF6bklVJTJCZWJCVVhtYjJDaG9YT3NzRnMzUmVYWVI5eVpmMSUyRmFhZ0t1VUN5elNTY2VLcHVzJTJCWkU4d0R3VUhKeHFIWGZoZnNBV3lvOXlZMngxUEklM0Q
.adsrvr.org/	1970-01-21 10:17:22	Name: TDID Value: 7373f5e4-6be5-4827-97e3-c8b0a9cfc86c
.yahoo.com/	1970-01-21 10:17:44	Name: A3 Value: d=AQABBGY1U2cCELNjkQENfwOyxFqBS51UXroFEgEBAQGGVGddZwAAAAAA_eMAAA&S=AQAAAudbp_pfrKedwsyUFLfYL0Y
.amazon-adsystem.com/	1970-01-21 06:29:51	Name: ad-id Value: A2WIqEUpYUoRg6ixSGH5GiI
.amazon-adsystem.com/	1970-01-21 11:07:46	Name: ad-privacy Value: 0
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.media.net/	1970-01-21 10:17:22	Name: visitor-id Value: 3765080061523929000V10
.media.net/	1970-01-21 01:41:51	Name: data-exp Value: setstatuscode~~1
.media.net/	1970-01-21 01:51:56	Name: data-g Value: CAESEMoRHz3xVnq7d1pB8nzgW4M~~6
.uptodown.com/	1970-01-21 10:17:22	Name: _au_1d Value: AU1D-0100-001733506407-4CR55FV3-45F2
.ctnsnet.com/	1970-01-21 10:17:22	Name: cid_f90e966e8a11448b9d898d3953b03a70 Value: 1
.rubiconproject.com/	1970-01-21 10:17:22	Name: audit_p Value: 1\|mNfJnQMhqfh7M6+aZa7UJ4ngQGzOer+IHQoJqfeprQSbz16xSA9sXYUrLKol/1wAsQit6oeM3TbyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnaVaSqhSTlXWnFobQVxk7ThvrHzlg+UjRRtbxU8Jk5peYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.rubiconproject.com/	1970-01-21 10:17:22	Name: khaos Value: M4D0YGMS-13-AU65
.rubiconproject.com/	1970-01-21 10:17:22	Name: khaos_p Value: M4D0YGMS-13-AU65
.rubiconproject.com/	1970-01-21 10:17:22	Name: audit Value: 1\|mNfJnQMhqfh7M6+aZa7UJ4ngQGzOer+IHQoJqfeprQSbz16xSA9sXYUrLKol/1wAsQit6oeM3TbyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnaVaSqhSTlXWnFobQVxk7ThvrHzlg+UjRRtbxU8Jk5peYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.pubmatic.com/	1970-01-21 03:41:22	Name: KTPCACOOKIE Value: true
.adnxs.com/	1970-01-21 03:41:22	Name: XANDR_PANID Value: r2czGjhQZQ_dzMk_LQh5bjri8yMncWH7M-JOlbYiiI22UfIZi8PUhlqQ8xBh_oPLf0AB-zuMllp01hqS738lHhEWljwDL-5wYQl_krXFRcI.
.adnxs.com/	1970-01-21 11:07:46	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:41:22	Name: uuid2 Value: 5426684606420545233
.adingo.jp/	1970-01-21 02:14:58	Name: ID Value: 4ee46b4a272a8cd28589848d90e79d32
.rfihub.com/	1970-01-21 10:53:22	Name: eud Value: H4sIAAAAAAAA_3vFyGtobmxsamBmYmBuZmIBAFhshzEQAAAA
.rfihub.com/	1970-01-21 10:53:22	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE2srQ0MDI2s7AwFuIz1A0uiDJ0zckx84k39QIADfozeCQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE2srQ0MDI2s7AwFuIz1A0uiDJ0zckx84k39QIADfozeCQAAAA
.adsrvr.org/	1970-01-21 10:17:22	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjIq5yHxInLPRAFGAEgASgCMgsI8qGftNqJyz0QBTgBWgV0YXBhZGAC
.pubmatic.com/	1970-01-21 10:17:22	Name: KADUSERCOOKIE Value: 3EC3B8BC-C43B-43D7-943A-84F859E252FA
beacon.lynx.cognitivlabs.com/	1970-01-21 10:17:22	Name: UID Value: 6536c5b7-db4e-4c59-a5c5-885027e4054a
beacon.lynx.cognitivlabs.com/	1970-01-21 10:17:22	Name: ss Value: vEm7Xpk80kNczze1yNPYId3AGDfwvrxJALD1H58HpGv0hNb39rNvnDZwQk4jRudALOLzSUlR8jHXqCwR6o2BdQ%3D%3D
sync.srv.stackadapt.com/	1970-01-21 10:17:22	Name: sa-user-id Value: s%3A0-0401fc9e-0d46-53d3-7fc5-442370bfb578.SMeUnWMBbRdzMwJsSqZFJ8WGA7SkNQMAwz1XuFkXRzY
.srv.stackadapt.com/	1970-01-21 10:17:22	Name: sa-user-id Value: s%3A0-0401fc9e-0d46-53d3-7fc5-442370bfb578.SMeUnWMBbRdzMwJsSqZFJ8WGA7SkNQMAwz1XuFkXRzY
sync.srv.stackadapt.com/	1970-01-21 10:17:22	Name: sa-user-id-v2 Value: s%3ABAH8ng1GU9N_xUQjcL-1eCaEdkc.wxWZ8AtSAWBy0WgT2dnohryN8VAAeLiXjFSfAZkMmLg
.srv.stackadapt.com/	1970-01-21 10:17:22	Name: sa-user-id-v2 Value: s%3ABAH8ng1GU9N_xUQjcL-1eCaEdkc.wxWZ8AtSAWBy0WgT2dnohryN8VAAeLiXjFSfAZkMmLg
sync.srv.stackadapt.com/	1970-01-21 10:17:22	Name: sa-user-id-v3 Value: s%3AAQAKIHi_SZfaYOMTxebfDRtXV1JlqYhHWvDiqUlKBO8A0wlXEGcYBCDn6sy6BjABOgSAOSS3QgQ_n7u_.hSCe8RIgUVXlZsrvKBB19oImGJl6EfaAux56YV0qkTc
.srv.stackadapt.com/	1970-01-21 10:17:22	Name: sa-user-id-v3 Value: s%3AAQAKIHi_SZfaYOMTxebfDRtXV1JlqYhHWvDiqUlKBO8A0wlXEGcYBCDn6sy6BjABOgSAOSS3QgQ_n7u_.hSCe8RIgUVXlZsrvKBB19oImGJl6EfaAux56YV0qkTc
.travelaudience.com/	1970-01-21 11:02:00	Name: _tracker Value: %7B%22UUID%22%3A%22D5B6DB85-6F29-423B-2A15-7BAC974D89B0%22%7D
.admaster.cc/	1970-01-21 10:17:22	Name: __mguid_ Value: e94ce74f0210d5002nqaqa00m4d0ygp6
.tapad.com/	1970-01-21 02:58:10	Name: TapAd_3WAY_SYNCS Value: 1!8201
.id5-sync.com/	1970-01-21 03:41:22	Name: id5 Value: 4389fa8a-d017-7520-a8af-f1d1080298ff#1733506407214#3
.tapad.com/	1970-01-21 02:58:10	Name: TapAd_TS Value: 1733506407551
.tapad.com/	1970-01-21 02:58:10	Name: TapAd_DID Value: 2f8d5fa4-7be6-426d-a8a5-ebf15d0494ad
.go.sonobi.com/	1970-01-21 10:17:22	Name: __uis Value: e3f4f6b8-0ef2-404b-9d3f-fa11b9603c05
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86114\|Z1M1a
.turn.com/	1970-01-21 05:50:58	Name: uid Value: 2987853030513172148
.ad.gt/	1970-01-21 10:17:22	Name: au_id Value: AU1D-0100-001733506407-4CR55FV3-45F2
.360yield.com/	1970-01-21 03:41:22	Name: tuuid Value: 6fcda006-d7a7-46cd-9462-3e2268509a53
.360yield.com/	1970-01-21 03:41:22	Name: tuuid_lu Value: 1733506407
.360yield.com/	1970-01-21 03:41:22	Name: um Value: !313,oLsd.D1iwzihJs-IRS0Ofg9.jUhn5ViHx.F-CaOcI4GloYU3k2-YKt3XNSnPQbeFIcN0fq6NJHqrIjWc,1741282408
.360yield.com/	1970-01-21 03:41:22	Name: umeh Value: !313,0,1795714408,-1
.ipredictive.com/	1970-01-21 10:17:22	Name: cu Value: 0eb33901-5ec7-4a79-a543-923b48a1129e\|1733506409435
.bidr.io/	1970-01-21 11:00:16	Name: bito Value: AAD6hE7OpmsAABaEiMl_Ag
.bidr.io/	1970-01-21 11:00:16	Name: bitoIsSecure Value: ok
.lijit.com/	1970-01-21 10:17:22	Name: ljt_reader Value: JyY9ARZHFDeTvjBnTxWIctmw
.lijit.com/	1970-01-21 10:17:22	Name: _ljtrtb_85 Value: AAD6hE7OpmsAABaEiMl_Ag
.id5-sync.com/	1970-01-21 03:41:22	Name: 3pi Value: 434#1733506408338#1826943566\|2#1733506410337#1771000513\|1241#1733506410813#1094202380\|203#1733506408894#-842749996#271c225d-6f57-43aa-96a3-8ce17d666e63\|155#1733506410097#1170790196#AAD6hE7OpmsAABaEiMl_Ag\|124#1733506408130#277509406\|108#1733506409085#-2081441342\|796#1733506409542#384162350

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25ee0e72e8bfde7bee4370dc3ad0149f.safeframe.googlesyndication.com
a.ad.gt
a4539641d6a808a72eeda1a525dbd88a.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
bcp.crwdcntrl.net
bet365.id.uptodown.com
bt.dns-finder.com
btloader.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
d.turn.com
d8d708e1bca331bef014f3655538823a.safeframe.googlesyndication.com
dis.eu.criteo.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
esp.rtbhouse.com
fundingchoicesmessages.google.com
geo.cookie-script.com
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids4.ad.gt
image2.pubmatic.com
img.utdstc.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
m.uptodown.net
match.adsrvr.org
match.prod.bidr.io
oa.openxcdn.net
oajs.openx.net
p.ad.gt
pagead2.googlesyndication.com
pixel.tapad.com
pixels.ad.gt
proton.ad.gt
pubads.g.doubleclick.net
scripts.ssm.codes
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
ssm.codes
static.criteo.net
stc.utdstc.com
sync.go.sonobi.com
sync.ipredictive.com
tags.crwdcntrl.net
token.rubiconproject.com
u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
104.18.29.101
108.138.106.56
108.138.112.90
108.138.128.46
130.211.23.194
142.250.31.156
142.250.65.226
142.250.80.34
142.251.163.155
142.251.167.105
142.251.35.174
142.251.40.98
151.101.131.52
151.101.3.52
151.101.67.52
162.19.138.116
162.19.138.120
172.253.63.148
172.67.69.203
178.250.7.11
188.226.136.4
207.65.37.184
23.203.179.38
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:293c
2606:4700:20::681a:346
2606:4700:3033::6815:19ba
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c09::71
2607:f8b0:4004:c0b::66
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c21::61
2607:f8b0:4004:c21::84
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80f::2001
2620:100:a00b::12
2620:100:a00b::4
2620:112:f008:200::101
34.102.146.192
34.111.113.62
34.120.135.53
34.196.74.196
34.96.70.87
34.98.64.218
35.190.39.111
35.244.193.51
44.193.32.222
52.223.40.198
52.32.35.154
52.44.170.186
52.54.3.156
54.208.65.79
68.67.160.184
69.173.146.5
036b1b2613b35796287d62636ae426621725d185ee3230defdd5cc95e818005d
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
063ae0a535033a4e1fdbde7dfd612fdddec8608dff30bd3da5a8ee91b06be799
0684e64ee11ec885ccf5f3d22c139b315c24008a53984811abf0fea0976bacdf
06b55f0746c6b28ad7772a010963dbef74477f542eb754f5380c8a99ea9ba05f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbb07c9b3963ef42fdba2de10bdb857f341827df79dd0a6785f49343c347aeb
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d
0f28459bab632d4a20f27f6a064dbde0ea813656abe628b38483892c489bf680
111d50292c80768df11cf2a437da0dfa9679bb07c69b2cbc425a7bd91cee661e
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1822a3b018de086aa6171e9ccfc387d0ea45ddfedb368504ba4cea9aa7bf4c54
1be566e8d94fb4137be091a26ee42f0a26253a4930c0c8344eeaf5f25dff1169
2630651d84cecffded9e8253cdc4b254cd1f16540f8a78dedd799b044260bac3
27c6ab3ec27f001abc9ad0cc0d05fed6da61d635b3e6c8469d2b64830d06401c
2839413303baa82ca1b8a19957ddfa5422c548bfd8968f5e96e54ab8dc3f67fb
2ad163481ac289c0c64698b501de4c42d2d0e845a94b59f635500edb7f10132f
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
35fa60dc69f25c9d34d3af60b390fc1acbdb14a0d1986ee3465f18e4d5bd22d6
36800adc29c76c8ded03056d559c6c8a249aacfa0d747c9974c00de60b1eb26d
3a4205e1f38d8ca0ac0f2c40283850dc4e19ed9e68ce72ab9952f81038a3dd02
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3ce1baf72e9581b47dfab92281376bbe1ccf39af58229f3b8f302e66d1e53d97
3fdcacafa01f13d2c72f912178f174b911961f797ddcf71437d0d46e2a801ddb
421dff8925a631748c525fb528048dd8fc63e73d5622bb0cababbebf7373ab6e
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
47c630043cce5d297c4d585c87b4d586167caf94c238d08a4f21888a7eabfa38
4a0215fcc8cc36a8dc5900f34dd4d1146fe30cad1fa26c941dd4bd3a1c28ecd6
4d89ad60f7f9ce004eb30b3658c6bfbdb8e30ae552105170f3f60aa96e94b9e0
5001b4b9d91bab13e9fc90e87b349724a11d0cb5d0ee00901012e1b8d82afbac
51bdd3c5212d3abf08b5ebc6bf7292fb76806debc4c096f3ae15b4738db87fb7
52d073528326b6ce9efaeee3c27fc36761b862d521e2eabe066587bb2294792e
53ffa06138d76a71ab237e0f23d40aaf9667792e39cc4b7b8b7eb097fd245136
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5c76ca5021ce8331b8ac4a12fdae3f1a580538363164fd32d4a8f53c8e56e583
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
636297119e8a24826e5c14e098f5ea008f219f50da102f64c95d1e607bd6779a
638fe3a643beea0a7ec0b5356c152c162aa414aad8d00fcca5ec8bb52e28782b
67270f08158fa101a3b2ae87d4d1eb8d8fcf2b3c5fbcfb2ad67abef7094d91d2
6afeb9ca6125e03530d145310e848881503f4f90b30ec655f0fcae803c64d154
6bbe91c38dfffe5c61067ee61dbc0feaa6fdf177c9f42de28fccd57d4843b738
6c96429cbc6b4ed147743dc6a10753d9825a29d5224295fdbf8a9ec07c30485e
6edea1b671b8419801ac28e1a1bfc87e350a3dc0a7d979f4746b24b94d65b643
708145609f66add7242410f9a591beaa5a2f258f7aba910dff1545c56eac039a
76e9c3f785f7c3c1cfbd016be0579f6980a12f8a76aea06a7e6d0f49f6a7427c
7be49211e8eaa54cbd0e90256bc9a82b37cc3e9b61b400fb9d403771b5b26d9f
7c87e4021dd37e0942d8224a0eea1e44d0b2901220e55675a3ad86dd6bbcb9cd
7f5a86c8915493c3399cd4bf38db1ada2a8f2850af11a98323468d5e14ef9295
8010e544339bf10c7a4ac516803fca32f56c6d595a2499faef0268caa50d9d8c
839e11d5ea35fe60fd65d0da091762640d7b98144b58f553a8742d863bc60795
842593edf7b01d8a7e6dc9e05fb39d1ec176cf83b455bc1205e735638ac9b584
8478b2a3764a8b84af7ca3852738a498759b83f0e290c054ddb8de1af854e77a
85e12c031641c917e689ed8cde10ac305cc394bbbd08f51ffabef5e222eef400
8643d0b3c6a1d291b37e372b5413a1d82565e2b753fe42599a18a29cb6eb4368
8b89e261e885c16647d44df70dcc9002f3484bad778e284966a7ebe371c06c98
919d79261e5b61afb0a5d29336e9dcd619bcad54d4e195c0185a2ccfdd697132
97d7778bfe93415c98cb278f6be25b069ffedd42c8a2f0f4b47004969608b9ca
98e400eac1fb007ea5518f27b650c7d823d7d29314ac573de05750f8417e5df7
9fd2b4ace77dcf933159c8aee3c6b70e5863cc936430e168526122c86798723d
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06dca843ae374a03e7f132ae3418d030487311ec276b03b07a70512545f193b
a3e6ac788315b20e0fb220d27e5954f8d03498e0dd7fa3a0942136d35c9cb6d6
a575b38852221718f37085aa9e3e05cd60b48dc2c200c5a6e1467931f4ed9897
a7887a2706775f4918cf25e446a483eda541422c7178ba4bfa322dfbbbed2522
a94c989e9aece6cc36d94e5d1a5109e838c6b0d0c962c5a47ffcd78751ae1501
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
ad191ab4a274a24f6e81576c680ac448e450f350df41d552b20647ff2d63b24e
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b15eb85fe374d2db60bd2223075e43b349fe366944b352247514e3efc2f09de4
b749607fad10cba75d35dacf2b225f99fdfbc34f73e355823cfb85943303e943
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
ba775cf8e9e967d8e5dc44939dc8f627bce16bdd83a2598a91a97c7e5075396b
be9c627e58bfd901d0e941aa786c106277a04672cc1f0da5931fe31ae09f3318
c027749cb4bb34ce24e94f6376dbeddacd64b18bb493a1533058f37aa04532ce
c42c3d7e1c0e4d1029832d2586055c67064b5dbb70fafd41d9749f6c117d11bc
c58922bf60cad0f692025cf3bbe4926579ede4d574b5bee00534134bb7ff0ed1
c59dd8b54438033bdd71c3759bcb01d2a56e2076c9a13ef7b55cf1911dae61f0
ca4afa0723d45439f58c44f80ee8a79bd95266e96736a6f81b62e10634e5928f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d59fd3ee79e4aef065ab1a7eec346d71d92913b163d6677565e472db0ace0e46
d6c7fb43b5379f4b9e866a8639ae9c2bc6998e970b20bd06e1dbfff941485544
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e22a24aed6b6e4bfe61d4ab9475434020c02926ad167d58d08e2724e8cbd15d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e40ecff55e081f55daf246892a2696928c825b564d8a465befa04148f2e37a
e6446fa66d8fa0fdd6d0cf68a5c48c690e4af5e7813f1b5e1023e16ef0aaca66
e6d3d2950347d831d255a920bec3be4c52fc95ce16553cb3f223e2f2c0a2c140
e79cf8b480060ab1061126b28fda5a1f6812a501d1aa1207d35cf370b3cc70b9
e8bf0336e56dac84ee62d0f4687a1245059645105089eaf112946ee2ea996ca2
e9d8b1c81f56267377103f2e17caf686d31f5c213346f840b8ed8e66a957f9c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00d64b58462446057e5093cb434ad1b5bad866d921598392b939e734f5eb438
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f30ad78709315382f6d4238c41c472fa6968ada3093504ff2127ff9115334ce7
fccde017f4c101570f9a09e7fc88c97f45706ddda309799aa1ccb0a7e49e7a99
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

bet365.id.uptodown.com Open in urlscan Pro 151.101.131.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

92 %HTTPS

33 %IPv6

39 Domains

65 Subdomains

48 IPs

5 Countries

1354 kBTransfer

5728 kBSize

72 Cookies

81 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bet365.id.uptodown.com Open in urlscan Pro
151.101.131.52 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

92 %
HTTPS

33 %
IPv6

39
Domains

65
Subdomains

48
IPs

5
Countries

1354 kB
Transfer

5728 kB
Size

72
Cookies

166 HTTP transactions
2 data transactions