click.smytrafficfilter.com Open in urlscan Pro
199.212.255.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24pt%3f2304%2c02111077...
Effective URL:
http://click.smytrafficfilter.com/filter/?keyword=home+equity+loan&ip_addr=140.90.114.199
Submission: On November 14 via manual (November 14th 2017, 11:23:37 pm UTC) from US

Summary HTTP 43 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 43 HTTP transactions. The main IP is 199.212.255.138, located in Canada and belongs to FHMNET - 1882914 Ontario Inc, CA. The main domain is click.smytrafficfilter.com.

This is the only time click.smytrafficfilter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	199.212.255.138 199.212.255.138	25948 (FHMNET) (FHMNET - 1882914 Ontario Inc)
2	212.124.115.210 212.124.115.210	47328 (TRI-AS) (TRI-AS)
1 1	206.54.177.233 206.54.177.233	40824 (WZCOM-US) (WZCOM-US - WZ Communications Inc.)
2	104.20.13.25 104.20.13.25	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.20.12.25 104.20.12.25	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.111.11.78 23.111.11.78	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS) (MYLOC-AS)
2	217.79.188.2 217.79.188.2	24961 (MYLOC-AS) (MYLOC-AS)
13 30	107.154.132.111 107.154.132.111	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	185.172.148.132 185.172.148.132	44239 (PROINITY ...) (PROINITY PROINITY)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
43	13

2 199.212.255.138 (Canada)

ASN25948 (FHMNET - 1882914 Ontario Inc, CA)
PTR: n3.datablocks.net

click.smytrafficfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.124.115.210 (Germany)

ASN47328 (TRI-AS, ES)

n156adserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.54.177.233 (Fort Lauderdale, United States) 1 redirects

ASN40824 (WZCOM-US - WZ Communications Inc., US)

get35.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.13.25 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.linkbucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.12.25 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.linkbucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.11.78 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

cdn-e2.adverserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.2 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 107.154.132.111 (Redwood City, United States) 13 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.132.111.ip.incapdns.net

www.bet90.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bet90.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.172.148.132 (Germany)

ASN44239 (PROINITY PROINITY, DE)

8094865436ad1eb94a3c.curacao-egaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	bet90.com www.bet90.com Failed bet90.com	782 KB
4	gstatic.com fonts.gstatic.com	45 KB
4	linkbucks.com www.linkbucks.com Failed	11 KB
3	curacao-egaming.com 8094865436ad1eb94a3c.curacao-egaming.com	30 KB
3	adition.com imagesrv.adition.com ad1.adfarm1.adition.com	10 KB
2	google-analytics.com www.google-analytics.com	14 KB
2	n156adserv.com n156adserv.com Failed	2 KB
2	smytrafficfilter.com click.smytrafficfilter.com	7 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	adverserve.net cdn-e2.adverserve.net Failed	167 B
1	get35.com 1 redirects get35.com	488 B
43	11

	Domain	Requested by
17	www.bet90.com	www.bet90.com
13	bet90.com	13 redirects
4	fonts.gstatic.com	www.bet90.com
4	www.linkbucks.com	www.linkbucks.com
3	8094865436ad1eb94a3c.curacao-egaming.com	www.bet90.com
2	ad1.adfarm1.adition.com	cdn-e2.adverserve.net ad1.adfarm1.adition.com
2	www.google-analytics.com	www.linkbucks.com
2	n156adserv.com
2	click.smytrafficfilter.com	click.smytrafficfilter.com
1	fonts.googleapis.com	www.bet90.com
1	imagesrv.adition.com	cdn-e2.adverserve.net
1	cdn-e2.adverserve.net
1	get35.com	1 redirects
43	13

This site contains links to these domains. Also see Links.

Domain
www.gamcare.org.uk
www.begambleaware.org
www.thw-handball.de
www.fc-koeln.de
www.authorisation.mga.org.mt
validator.curacao-egaming.com

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2017-11-01` - `2018-01-24`	3 months	crt.sh
*.adverserve.net SSL.com DV CA	`2016-02-12` - `2018-02-11`	2 years	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2017-04-11` - `2019-05-27`	2 years	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2017-05-03` - `2019-06-27`	2 years	crt.sh
*.bet90.com COMODO RSA Domain Validation Secure Server CA	`2017-03-16` - `2018-04-11`	a year	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-11-01` - `2018-01-24`	3 months	crt.sh
*.curacao-egaming.com AlphaSSL CA - SHA256 - G2	`2017-02-07` - `2018-03-29`	a year	crt.sh
*.google.com Google Internet Authority G2	`2017-11-01` - `2018-01-24`	3 months	crt.sh

This page contains 5 frames:

Frame: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0
Frame ID: 17815.1
Requests: 3 HTTP requests in this frame

Frame: http://www.linkbucks.com/AR0gd
Frame ID: 17833.1
Requests: 3 HTTP requests in this frame

Frame: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Frame ID: 17864.1
Requests: 7 HTTP requests in this frame

Frame: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Frame ID: 17884.1
Requests: 5 HTTP requests in this frame

Frame: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Frame ID: 17909.1
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24... Page URL
http://click.smytrafficfilter.com/filter/?keyword=home+equity+loan&ip_addr=140.90.114.199 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

43
Requests

72 %
HTTPS

23 %
IPv6

11
Domains

13
Subdomains

13
IPs

5
Countries

901 kB
Transfer

1093 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gamcare.org.uk/
Title:

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/
Title:

Search URL Search Domain Scan URL

URL: https://www.thw-handball.de/
Title:

Search URL Search Domain Scan URL

URL: https://www.fc-koeln.de/
Title:

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=4d475a07-f7b8-41b9-b298-d6e3d536fb14&details=1
Title:

Search URL Search Domain Scan URL

URL: https://validator.curacao-egaming.com/validate?domain=www.bet90.com
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24pt%3f2304%2c02111077%27c%3e225%27w%3e7151%3a6800%27qh%3cwp%40%5dqnl%25h%3f252-82-037%2f3%3a8%24p%3c722%24%60h%3f.0%24a%3c2-123233%27e%3e1%2c312612%25rv%3e07215306%3a2%24sc%3fkuvs%241b%240e%240eo367cgrgqw%2c%60no%263dbeq%262dhd%7b%262ffg1fb1gg1e0113%3bb4%3a3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3c2%25re%3e1&ip_addr=140.90.114.199 Page URL
http://click.smytrafficfilter.com/filter/?keyword=home+equity+loan&ip_addr=140.90.114.199 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://click.smytrafficfilter.com/fc/?p=u%3F%60%27a%3E0%3B75%24h%3Cjllg%2632fpwju%7B%2632oncm%27r%3E0454%24pt%3F2304%2C02111077%27c%3E225%27w%3E7151%3A6800%27qh%3Cwp%40%5Dqnl%25h%3F252-82-037%2F3%3A8%24p%3C722%24%60h%3F.0%24a%3C2-123233%27e%3E1%2C312612%25rv%3E07215306%3A2%24sc%3Fkuvs%241b%240e%240eo367cgrgqw%2C%60no%263dbeq%262dhd%7B%262ffg1fb1gg1e0113%3Bb4%3A3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3C2%25re%3E1&sh=1200&sw=1600&y=0&x=0&h=1200&w=1600&i=0&o=0&f=0&pr=0&vi=1&ip_addr=140.90.114.199 HTTP 302
http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0

Request Chain 3

http://get35.com/m/id.gif?uim_s=n156&uim_k=d8c373c3bf43a718&uim_id=d08932b0-c992-11e7-9790-68b599ca8038&uim_r=http%3A%2F%2Fn156adserv.com%2Fmulti-cookie.gif%3Fcf%3Dimg%26ep%3D0%26UUID%3Dd08932b0-c992-11e7-9790-68b599ca8038%26uim_guid%3D%24%7BUIM_GUID%7D%7C30d HTTP 302
http://n156adserv.com/multi-cookie.gif?cf=img&ep=0&UUID=d08932b0-c992-11e7-9790-68b599ca8038&uim_guid=guid_d_c8dbe62c98edf1e25e60acfb2f4c261af7012009359cce03af639f9ee9249056f9b14e3063ec2f17%7C30d

Request Chain 4

http://n156adserv.com/impression.gif?b=324&p=191&c=93&h=5d43de90512fa7cf6057e879bfa49c7d&l=DE&sh=800&sw=1280&ad.trans.id=emili78k1uw8&s=9e3f6589c104f9b5eea5af93ab952df7&t=1510701805917&u=http%3A%2F%2Fwww.linkbucks.com%2FAR0gd HTTP 302
http://www.linkbucks.com/AR0gd

Request Chain 11

http://www.linkbucks.com/popUnder/load?t=82a74e8f07c97bca22e43e688fd1832a00c90955&k=7bf566f908c78f05f3a8e96ca76d17d9&h=1200&w=1600&bh=1200&bw=1600&r=http%3A%2F%2Fn156adserv.com%2Fads%3Fkey%3Def3ec3df3f13229a580002f0d30271da%26ch%3D%26width%3D0%26height%3D0 HTTP 302
http://adplexmedia.adk2x.com/imp?p=75083457&ct=html&ap=1304 HTTP 302
http://adplexmedia.adk2x.com/ul_cb/imp?p=75083457&ct=html&ap=1304 HTTP 302
https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html

Request Chain 16

https://ad1.adfarm1.adition.com/redi?lid=6488414850787639503&sid=3935772&kid=2187865&bid=7433990&c=25527&keyword=&sr=6&clickurl= HTTP 302
http://affiliateads.bet90.com/redirect.aspx?pid=2164&bid=1523 HTTP 301
https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Request Chain 20

https://bet90.com/i/logo.png HTTP 301
https://www.bet90.com/i/logo.png

Request Chain 21

https://bet90.com/img/demobile-sport1.jpg HTTP 301
https://www.bet90.com/img/demobile-sport1.jpg

Request Chain 22

https://bet90.com/img/demobile-casino.jpg HTTP 301
https://www.bet90.com/img/demobile-casino.jpg

Request Chain 23

https://bet90.com/img/payment-methods1.png HTTP 301
https://www.bet90.com/img/payment-methods1.png

Request Chain 24

https://bet90.com/img/payment-methods2.png HTTP 301
https://www.bet90.com/img/payment-methods2.png

Request Chain 25

https://bet90.com/img/comodo111.png HTTP 301
https://www.bet90.com/img/comodo111.png

Request Chain 26

https://bet90.com/img/gamcare111.png HTTP 301
https://www.bet90.com/img/gamcare111.png

Request Chain 27

https://bet90.com/img/gambleaware111.png HTTP 301
https://www.bet90.com/img/gambleaware111.png

Request Chain 28

https://bet90.com/img/minors111.png HTTP 301
https://www.bet90.com/img/minors111.png

Request Chain 29

https://bet90.com/img/mga_logo.png HTTP 301
https://www.bet90.com/img/mga_logo.png

Request Chain 34

https://bet90.com/img/debck-image1.jpg HTTP 301
https://www.bet90.com/img/debck-image1.jpg

Request Chain 39

https://bet90.com/img/thw-kiel-logo-bw.png HTTP 301
https://www.bet90.com/img/thw-kiel-logo-bw.png

Request Chain 40

https://bet90.com/img/FC_Logo-bw.png HTTP 301
https://www.bet90.com/img/FC_Logo-bw.png

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
click.smytrafficfilter.com/click/ 2 KB
2 KB 195ms
97ms Document
text/html 199.212.255.138
1882914 Ontario Inc

General

Check archive.org

Show headers Download Go to

Full URL: http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24pt%3f2304%2c02111077%27c%3e225%27w%3e7151%3a6800%27qh%3cwp%40%5dqnl%25h%3f252-82-037%2f3%3a8%24p%3c722%24%60h%3f.0%24a%3c2-123233%27e%3e1%2c312612%25rv%3e07215306%3a2%24sc%3fkuvs%241b%240e%240eo367cgrgqw%2c%60no%263dbeq%262dhd%7b%262ffg1fb1gg1e0113%3bb4%3a3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3c2%25re%3e1&ip_addr=140.90.114.199
Protocol: HTTP/1.1
Server: 199.212.255.138 , Canada, ASN25948 (FHMNET - 1882914 Ontario Inc, CA),
Reverse DNS: n3.datablocks.net
Software: Web Ninja /
Resource Hash: b9b712e81d2a80c8193c3b48294b50a900acc12626b77691fb5cab7e05fb4079

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: click.smytrafficfilter.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 14 Nov 2017 23:23:25 GMT
Connection: keep-alive
Server: Web Ninja
Set-Cookie: p=u%3F%60%27a%3E0%3B75%24h%3Cjllg%2632fpwju%7B%2632oncm%27r%3E0454%24pt%3F2304%2C02111077%27c%3E225%27w%3E7151%3A6800%27qh%3Cwp%40%5Dqnl%25h%3F252-82-037%2F3%3A8%24p%3C722%24%60h%3F.0%24a%3C2-123233%27e%3E1%2C312612%25rv%3E07215306%3A2%24sc%3Fkuvs%241b%240e%240eo367cgrgqw%2C%60no%263dbeq%262dhd%7B%262ffg1fb1gg1e0113%3Bb4%3A3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3C2%25re%3E1; Path=/;
Content-Length: 2183
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK Primary Request / Show response
click.smytrafficfilter.com/filter/ 5 KB
5 KB 98ms
98ms Document
text/html 199.212.255.138
1882914 Ontario Inc

General

Check archive.org

Show headers Download Go to

Full URL: http://click.smytrafficfilter.com/filter/?keyword=home+equity+loan&ip_addr=140.90.114.199
Requested by: Host: click.smytrafficfilter.com
URL: http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24pt%3f2304%2c02111077%27c%3e225%27w%3e7151%3a6800%27qh%3cwp%40%5dqnl%25h%3f252-82-037%2f3%3a8%24p%3c722%24%60h%3f.0%24a%3c2-123233%27e%3e1%2c312612%25rv%3e07215306%3a2%24sc%3fkuvs%241b%240e%240eo367cgrgqw%2c%60no%263dbeq%262dhd%7b%262ffg1fb1gg1e0113%3bb4%3a3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3c2%25re%3e1&ip_addr=140.90.114.199
Protocol: HTTP/1.1
Server: 199.212.255.138 , Canada, ASN25948 (FHMNET - 1882914 Ontario Inc, CA),
Reverse DNS: n3.datablocks.net
Software: Web Ninja /
Resource Hash: 8c06cad4a625571e459328609b24f22755275dac4c577d9d4e0d7569aa39ca2c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: click.smytrafficfilter.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24pt%3f2304%2c02111077%27c%3e225%27w%3e7151%3a6800%27qh%3cwp%40%5dqnl%25h%3f252-82-037%2f3%3a8%24p%3c722%24%60h%3f.0%24a%3c2-123233%27e%3e1%2c312612%25rv%3e07215306%3a2%24sc%3fkuvs%241b%240e%240eo367cgrgqw%2c%60no%263dbeq%262dhd%7b%262ffg1fb1gg1e0113%3bb4%3a3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3c2%25re%3e1&ip_addr=140.90.114.199
Cookie: p=u%3F%60%27a%3E0%3B75%24h%3Cjllg%2632fpwju%7B%2632oncm%27r%3E0454%24pt%3F2304%2C02111077%27c%3E225%27w%3E7151%3A6800%27qh%3Cwp%40%5Dqnl%25h%3F252-82-037%2F3%3A8%24p%3C722%24%60h%3F.0%24a%3C2-123233%27e%3E1%2C312612%25rv%3E07215306%3A2%24sc%3Fkuvs%241b%240e%240eo367cgrgqw%2C%60no%263dbeq%262dhd%7B%262ffg1fb1gg1e0113%3Bb4%3A3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3C2%25re%3E1
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://click.smytrafficfilter.com/click/?p=u%3f%60%27a%3e0%3b75%24h%3cjllg%2632fpwju%7b%2632oncm%27r%3e0454%24pt%3f2304%2c02111077%27c%3e225%27w%3e7151%3a6800%27qh%3cwp%40%5dqnl%25h%3f252-82-037%2f3%3a8%24p%3c722%24%60h%3f.0%24a%3c2-123233%27e%3e1%2c312612%25rv%3e07215306%3a2%24sc%3fkuvs%241b%240e%240eo367cgrgqw%2c%60no%263dbeq%262dhd%7b%262ffg1fb1gg1e0113%3bb4%3a3121g2g22163g%60%2717ak%241g%2405vkguj%262f3%2405igjfjw%241g1%24y%3c2%25re%3e1&ip_addr=140.90.114.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2017 23:23:25 GMT
Server: Web Ninja
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 4739
Expires: 0

GET

ads
n156adserv.com/
Redirect Chain

http://click.smytrafficfilter.com/fc/?p=u%3F%60%27a%3E0%3B75%24h%3Cjllg%2632fpwju%7B%2632oncm%27r%3E0454%24pt%3F2304%2C02111077%27c%3E225%27w%3E7151%3A6800%27qh%3Cwp%40%5Dqnl%25h%3F252-82-037%2F3%3...
http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0

0
0

GET
H/1.1 200
OK Cookie set ads Show response
n156adserv.com/ Frame 1783 2 KB
2 KB 332ms
98ms Document
text/html 212.124.115.210
TRI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0
Protocol: HTTP/1.1
Server: 212.124.115.210 , Germany, ASN47328 (TRI-AS, ES),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3ae827e7645b03278e38ee547029f4ac8adfd88c6f428d6ca88eed205cff44de

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: n156adserv.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://click.smytrafficfilter.com/filter/?keyword=home+equity+loan&ip_addr=140.90.114.199
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://click.smytrafficfilter.com/filter/?keyword=home+equity+loan&ip_addr=140.90.114.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2017 23:23:25 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Set-Cookie: UUID=d08932b0-c992-11e7-9790-68b599ca8038; Domain=.n156adserv.com; Expires=Thu, 14-Nov-2019 23:23:25 GMT; Path=/
Cache-Control: no-cache
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 1925
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set multi-cookie.gif
n156adserv.com/ Frame 1783
Redirect Chain

http://get35.com/m/id.gif?uim_s=n156&uim_k=d8c373c3bf43a718&uim_id=d08932b0-c992-11e7-9790-68b599ca8038&uim_r=http%3A%2F%2Fn156adserv.com%2Fmulti-cookie.gif%3Fcf%3Dimg%26ep%3D0%26UUID%3Dd08932b0-c9...
http://n156adserv.com/multi-cookie.gif?cf=img&ep=0&UUID=d08932b0-c992-11e7-9790-68b599ca8038&uim_guid=guid_d_c8dbe62c98edf1e25e60acfb2f4c261af7012009359cce03af639f9ee9249056f9b14e3063ec2f17%7C30d

45 B
45 B

187ms
94ms

Image
image/gif

212.124.115.210
TRI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://n156adserv.com/multi-cookie.gif?cf=img&ep=0&UUID=d08932b0-c992-11e7-9790-68b599ca8038&uim_guid=guid_d_c8dbe62c98edf1e25e60acfb2f4c261af7012009359cce03af639f9ee9249056f9b14e3063ec2f17%7C30d
Protocol: HTTP/1.1
Server: 212.124.115.210 , Germany, ASN47328 (TRI-AS, ES),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: n156adserv.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0
Cookie: UUID=d08932b0-c992-11e7-9790-68b599ca8038
Connection: keep-alive
Cache-Control: no-cache
Referer: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2017 23:23:26 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO PSA OUR"
Set-Cookie: UUID=d08932b0-c992-11e7-9790-68b599ca8038; Domain=.n156adserv.com; Expires=Thu, 14-Nov-2019 23:23:26 GMT; Path=/ ecvtcn_uim_guid=guid_d_c8dbe62c98edf1e25e60acfb2f4c261af7012009359cce03af639f9ee9249056f9b14e3063ec2f17; Domain=.n156adserv.com; Expires=Thu, 14-Dec-2017 23:23:26 GMT; Path=/
Cache-Control: no-cache false
Connection: close
Content-Type: image/gif
Content-Length: 45
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: http://n156adserv.com/multi-cookie.gif?cf=img&ep=0&UUID=d08932b0-c992-11e7-9790-68b599ca8038&uim_guid=guid_d_c8dbe62c98edf1e25e60acfb2f4c261af7012009359cce03af639f9ee9249056f9b14e3063ec2f17%7C30d
Set-Cookie: uim_guid=guid_d_c8dbe62c98edf1e25e60acfb2f4c261af7012009359cce03af639f9ee9249056f9b14e3063ec2f17; Expires=Wed, 14-Nov-2018 23:23:25 GMT; Path=/
Date: Tue, 14 Nov 2017 23:23:24 GMT
Server: Apache-Coyote/1.1
Connection: close
Content-Length: 0

GET

AR0gd
www.linkbucks.com/ Frame 1783
Redirect Chain

http://n156adserv.com/impression.gif?b=324&p=191&c=93&h=5d43de90512fa7cf6057e879bfa49c7d&l=DE&sh=800&sw=1280&ad.trans.id=emili78k1uw8&s=9e3f6589c104f9b5eea5af93ab952df7&t=1510701805917&u=http%3A%2F...
http://www.linkbucks.com/AR0gd

0
0

GET
H/1.1 200
OK Cookie set AR0gd Show response
www.linkbucks.com/ Frame 1786 7 KB
3 KB 191ms
186ms Document
text/html 104.20.13.25
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://www.linkbucks.com/AR0gd

Protocol

HTTP/1.1

Server

104.20.13.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / ASP.NET

Resource Hash

3e65c3cac95d50b82b1490ebca6006e6609d77890c5e1d05e5c9de9952417519

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.linkbucks.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2017 23:23:26 GMT
Content-Encoding: gzip
Server: cloudflare-nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/html; charset=utf-8
Set-Cookie: __cfduid=ddeaf4f92d2c1a5502783f9a6a12b08341510701806; expires=Wed, 14-Nov-18 23:23:26 GMT; path=/; domain=.linkbucks.com; HttpOnly ASP.NET_SessionId=mmcohqu1lxxowkbnxkzsy1us; path=/; HttpOnly
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3bddb7f1a5f8646f-FRA
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK popUnderLink.js Show response
www.linkbucks.com/scripts/ Frame 1786 2 KB
838 B 10ms
9ms Script
application/javascript 104.20.13.25
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.linkbucks.com/scripts/popUnderLink.js
Requested by: Host: www.linkbucks.com
URL: http://www.linkbucks.com/AR0gd
Protocol: HTTP/1.1
Server: 104.20.13.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 90bb7b964e8aee4f0caf5b45ccd36d2fb7057a46bbb6fccf0439912764015b4f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.linkbucks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://www.linkbucks.com/AR0gd
Cookie: __cfduid=ddeaf4f92d2c1a5502783f9a6a12b08341510701806; ASP.NET_SessionId=mmcohqu1lxxowkbnxkzsy1us
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.linkbucks.com/AR0gd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 14 Nov 2017 23:23:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Last-Modified: Thu, 03 Aug 2017 18:20:55 GMT
Server: cloudflare-nginx
X-Powered-By: ASP.NET
ETag: W/"a1d0303f85cd31:0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
CF-RAY: 3bddb7f2e642646f-FRA

GET
H/1.1 200
OK script-adv.js Show response
www.linkbucks.com/scripts/ Frame 1786 32 B
32 B 15ms
9ms Script
application/javascript 104.20.12.25
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.linkbucks.com/scripts/script-adv.js
Requested by: Host: www.linkbucks.com
URL: http://www.linkbucks.com/AR0gd
Protocol: HTTP/1.1
Server: 104.20.12.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: ac7e5e2f553bc944caa19ef20d310a3eb7f65814b31b6976618b33639365cf7f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.linkbucks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://www.linkbucks.com/AR0gd
Cookie: __cfduid=ddeaf4f92d2c1a5502783f9a6a12b08341510701806; ASP.NET_SessionId=mmcohqu1lxxowkbnxkzsy1us
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.linkbucks.com/AR0gd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 14 Nov 2017 23:23:26 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 03 Aug 2017 18:20:55 GMT
Server: cloudflare-nginx
X-Powered-By: ASP.NET
ETag: "7f90333f85cd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 3bddb7f2f2df26d2-FRA
Content-Length: 32

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1786 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.linkbucks.com
URL: http://www.linkbucks.com/AR0gd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://www.linkbucks.com/AR0gd
:scheme: https
:method: GET
Referer: http://www.linkbucks.com/AR0gd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2017 23:46:20 GMT
server: Golfe2
age: 2680
date: Tue, 14 Nov 2017 22:38:46 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14635
expires: Wed, 15 Nov 2017 00:38:46 GMT

GET
H/1.1 200
OK jquery.js Show response
www.linkbucks.com/scripts/ Frame 1786 28 KB
7 KB 96ms
96ms Script
text/javascript 104.20.12.25
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.linkbucks.com/scripts/jquery.js?r=82a74e8f07c97bca22e43e688fd1832a00c90955&33830998
Requested by: Host: www.linkbucks.com
URL: http://www.linkbucks.com/scripts/popUnderLink.js
Protocol: HTTP/1.1
Server: 104.20.12.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx / ASP.NET
Resource Hash: 0866d14e69e10eedda46655e32c88358d1e8fb6ff0d7ff9b20f73d2e89b70cc5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.linkbucks.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://www.linkbucks.com/AR0gd
Cookie: __cfduid=ddeaf4f92d2c1a5502783f9a6a12b08341510701806; ASP.NET_SessionId=mmcohqu1lxxowkbnxkzsy1us
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.linkbucks.com/AR0gd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2017 23:23:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare-nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3bddb7f302e226d2-FRA
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 1786 35 B
53 B 13ms
13ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j65&a=10977517&t=pageview&_s=1&dl=http%3A%2F%2Fwww.linkbucks.com%2FAR0gd&dr=http%3A%2F%2Fn156adserv.com%2Fads%3Fkey%3Def3ec3df3f13229a580002f0d30271da%26ch%3D%26width%3D0%26height%3D0&ul=en-us&de=UTF-8&dt=Linkbucks.com%20-%20Make%20money%20when%20people%20leave%20your%20website!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=1535226251&gjid=1581589251&cid=1814939941.1510701807&tid=UA-88900307-1&_gid=1423765304.1510701807&_r=1&z=1368333179

Requested by

Host: www.linkbucks.com
URL: http://www.linkbucks.com/AR0gd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /r/collect?v=1&_v=j65&a=10977517&t=pageview&_s=1&dl=http%3A%2F%2Fwww.linkbucks.com%2FAR0gd&dr=http%3A%2F%2Fn156adserv.com%2Fads%3Fkey%3Def3ec3df3f13229a580002f0d30271da%26ch%3D%26width%3D0%26height%3D0&ul=en-us&de=UTF-8&dt=Linkbucks.com%20-%20Make%20money%20when%20people%20leave%20your%20website!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=1535226251&gjid=1581589251&cid=1814939941.1510701807&tid=UA-88900307-1&_gid=1423765304.1510701807&_r=1&z=1368333179
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://www.linkbucks.com/AR0gd
:scheme: https
:method: GET
Referer: http://www.linkbucks.com/AR0gd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2017 23:23:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

Bet90_Popunder_DE.html
cdn-e2.adverserve.net/bet90_popunder/ Frame 1786
Redirect Chain

http://www.linkbucks.com/popUnder/load?t=82a74e8f07c97bca22e43e688fd1832a00c90955&k=7bf566f908c78f05f3a8e96ca76d17d9&h=1200&w=1600&bh=1200&bw=1600&r=http%3A%2F%2Fn156adserv.com%2Fads%3Fkey%3Def3ec3...
http://adplexmedia.adk2x.com/imp?p=75083457&ct=html&ap=1304
http://adplexmedia.adk2x.com/ul_cb/imp?p=75083457&ct=html&ap=1304
https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html

0
0

GET
H/1.1 200
OK Bet90_Popunder_DE.html Show response
cdn-e2.adverserve.net/bet90_popunder/ Frame 1788 232 B
167 B 27ms
7ms Document
text/html 23.111.11.78
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.78 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ed20e86021fbd5b9d489483cded4dba5daebdc3db1c29e656c49bf9b7c2e3c21

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cdn-e2.adverserve.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.linkbucks.com/AR0gd
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://www.linkbucks.com/AR0gd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 14 Nov 2017 23:23:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2017 12:02:28 GMT
Server: NetDNA-cache/2.2
ETag: W/"c21131-e8-557565e82fd00"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK adition.js Show response
imagesrv.adition.com/js/ Frame 1788 28 KB
8 KB 66ms
14ms Script
application/javascript 217.79.188.11
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: cdn-e2.adverserve.net
URL: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 30e3791676fdd895a1c934596e7bfed6dc408af13b13f7ad0512d36136b291b0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: imagesrv.adition.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 14 Nov 2017 23:23:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2017 00:45:46 GMT
ETag: "833982656"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 8463

GET
H/1.1 200
OK Cookie set js Show response
ad1.adfarm1.adition.com/ Frame 1788 843 B
843 B 50ms
14ms Script
application/x-javascript 217.79.188.2
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/js?wp_id=3935772&kid=2187865
Requested by: Host: cdn-e2.adverserve.net
URL: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 7d73633b897dd91621460197a7cc6d2f2353b30aa54102b6ccd29e5cc49dc91d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ad1.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Wed, 15 Nov 2017 00:23:26 +0100
Server: ADITIONSERVER v1.0
ETag: 12361433122414707732
Connection: keep-alive
P3P: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control: max-age=600
Set-Cookie: UserID1=6488414850785804375; expires=Mon, 14-May-2018 00:23:26 GMT; path=/; domain=.adfarm1.adition.com;
Content-Type: application/x-javascript
Content-Length: 843
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Cookie set banner Show response
ad1.adfarm1.adition.com/ Frame 1788 1 KB
1 KB 19ms
19ms Script
text/javascript 217.79.188.2
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/banner?sid=3935772&adjsver=3&co=1&fvers=&iframe=0&ref=http%3A//www.linkbucks.com/AR0gd&os=5&browser=11&kid=2187865&screen_res=6&wpt=J&clickurl=
Requested by: Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/js?wp_id=3935772&kid=2187865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f489ba4ca5fa974e80cb424a4caa512d20dee888687988ee5a88c8fa91ba0450

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ad1.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept: */*
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
Cookie: UserID1=6488414850785804375
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 15 Nov 2017 00:23:26 +0100
Server: ADITIONSERVER v1.0
ETag: 6488414850787639503
Connection: keep-alive
P3P: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control: no-cache
Set-Cookie: UserID1=6488414850785804375; expires=Mon, 14-May-2018 00:23:26 GMT; path=/; domain=.adfarm1.adition.com fc2=100cf; expires=Mon, 14-May-2018 00:23:26 GMT; path=/
Content-Type: text/javascript
Content-Length: 1263
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET

/
www.bet90.com/promotions/welcome-offers/ Frame 1788
Redirect Chain

https://ad1.adfarm1.adition.com/redi?lid=6488414850787639503&sid=3935772&kid=2187865&bid=7433990&c=25527&keyword=&sr=6&clickurl=
http://affiliateads.bet90.com/redirect.aspx?pid=2164&bid=1523
https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

0
0

GET
H2 200 / Show response
www.bet90.com/promotions/welcome-offers/ Frame 1790 33 KB
7 KB 150ms
39ms Document
text/html 107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: SBTech / ASP.NET
Resource Hash: a751d6f065b95accaa4b6fbe857ba2534d28c3eb682b6f5bb0b3ed322b35e846

Request headers

:path: /promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
pragma: no-cache
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
Referer: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
content-encoding: gzip
server: SBTech
x-aspnet-version: v1.1.1
x-powered-by: ASP.NET
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 3-59484750-59484751 NNNN CT(0 0 0) RT(1510701806846 0) q(0 0 0 0) r(0 0) U2
cache-control: private
set-cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; domain=.bet90.com; expires=Thu, 14-Dec-2017 23:23:27 GMT; path=/ sbtssid=1igeuxfkqyq5t4uctkpqeylo; domain=.bet90.com; path=/; HttpOnly firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; domain=.bet90.com; expires=Fri, 17-Nov-2017 23:23:27 GMT; path=/ lng=1148; domain=.bet90.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ cTz=1; domain=.bet90.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ oSt2=1; domain=.bet90.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; expires=Wed, 14 Nov 2018 21:20:36 GMT; path=/; Domain=.bet90.com incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; path=/; Domain=.bet90.com
content-type: text/html; charset=utf-8
x-cdn: Incapsula

GET
H2 200 css
fonts.googleapis.com/ Frame 1790 9 KB
1 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext

Requested by

Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ec4f2c4c513b8337a171783e878b60b17b013cec3e1d3dd37c12880df3ba7d82

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css?family=Roboto:400,400i,700,700i&subset=latin-ext
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: fonts.googleapis.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
content-encoding: gzip
last-modified: Tue, 14 Nov 2017 23:23:27 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2017 23:23:27 GMT

GET
H2 404 styles.css
www.bet90.com/promotions/welcome-offers/ Frame 1790 0
0 34ms
33ms Stylesheet
text/html 107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet90.com/promotions/welcome-offers/styles.css
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: SBTech / ASP.NET
Resource Hash

Request headers

:path: /promotions/welcome-offers/styles.css
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; sbtssid=1igeuxfkqyq5t4uctkpqeylo; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; lng=1148; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
content-encoding: gzip
server: SBTech
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 404
x-iinfo: 3-59484753-59484503 2NNN RT(1510701806901 0) q(0 0 0 -1) r(0 0) U11
cache-control: private
set-cookie: sbtssid=1igeuxfkqyq5t4uctkpqeylo; domain=.bet90.com; path=/ lng=1148; domain=.bet90.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
content-type: text/html; charset=utf-8
x-cdn: Incapsula

GET
H2

200

logo.png
www.bet90.com/i/ Frame 1790
Redirect Chain

https://bet90.com/i/logo.png
https://www.bet90.com/i/logo.png

6 KB
6 KB

29ms
29ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/i/logo.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: SBTech / ASP.NET
Resource Hash: 57021d01dfa35545acab100ac83415a3cd1af0a2babff66171ff0770e479850a

Request headers

:path: /i/logo.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
etag: "880302217"
last-modified: Mon, 16 Oct 2017 11:58:38 GMT
server: SBTech
x-aspnet-version: v1.1.1
x-powered-by: ASP.NET
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
x-iinfo: 3-59484767-59484760 2NNN RT(1510701806974 0) q(0 0 0 -1) r(0 0)
cache-control: public, no-cache="Set-Cookie", max-age=2592000
set-cookie: lng=1148; domain=.bet90.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
content-type: image/png
x-cdn: Incapsula
expires: Thu, 14 Dec 2017 23:23:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/i/logo.png
x-iinfo: 3-59484755-59484503 2NNN RT(1510701806931 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

demobile-sport1.jpg
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/demobile-sport1.jpg
https://www.bet90.com/img/demobile-sport1.jpg

182 KB
182 KB

30ms
29ms

Image
image/jpeg

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/demobile-sport1.jpg
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 22ddf8cd9800105775a5227dc62195726edb2c07b0656273bd7008cd7edbe9de

Request headers

:path: /img/demobile-sport1.jpg
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:26 GMT
last-modified: Mon, 21 Aug 2017 14:02:05 GMT
x-cdn: Incapsula
etag: "1008096973"
status: 200
x-iinfo: 3-59484768-59484282 2VNN RT(1510701806975 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 186718
expires: Tue, 14 Nov 2017 23:53:26 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/demobile-sport1.jpg
x-iinfo: 3-59484757-59484283 2NNN RT(1510701806936 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

demobile-casino.jpg
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/demobile-casino.jpg
https://www.bet90.com/img/demobile-casino.jpg

142 KB
142 KB

40ms
39ms

Image
image/jpeg

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/demobile-casino.jpg
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: feeb3befef4e4450a2363ec179f9c397d0f9a735b216698bb3f8b44262be7f28

Request headers

:path: /img/demobile-casino.jpg
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:26 GMT
last-modified: Fri, 18 Aug 2017 10:31:03 GMT
x-cdn: Incapsula
etag: "825723012"
status: 200
x-iinfo: 3-59484769-59484285 2VNN RT(1510701806975 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 145834
expires: Tue, 14 Nov 2017 23:53:26 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/demobile-casino.jpg
x-iinfo: 3-59484758-59484284 2NNN RT(1510701806937 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

payment-methods1.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/payment-methods1.png
https://www.bet90.com/img/payment-methods1.png

10 KB
10 KB

32ms
32ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/payment-methods1.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 084dc8667c3daf90da59b994d6b4a4fd545b37f22ee597605b787181207d33a7

Request headers

:path: /img/payment-methods1.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148; ___utmvc=r+k8OXdi5w6GVcvYA2AKHqzZE9kjDw5WqVRt9yI+f9vDwBhsqdg74+iMwDrdawM4Ny17Ya4g9Xb/i3V5YBnhhjRWJfQC7T8siXdmhZgMyt6SOj/tGq+vTXlUZKsw3do+1oikq7oIECxmEZyMgJEkPjag46orB/QwdNKN8yv+UOKq1RIh1sGd+xgq4D9igj13/iGSY2tv7r2itevACPjFHDqsbq+3Pao2XToiAaolBg0FMnP7xx4pB3IOM4DBeekP64ZcIEwnb7KJGPIDkxMKeu1jRQBN/5kkrgUH+QOYTGdnwPt/ng7lcntG0v9EL+Ghjo4t9hAet+0xTbdr9Iwe5h0EG4TaX0gNaJtxjBpNp2htHqYN3gUctPIyqSMIJmIkrgaT26JwqCmfBTlTYRmh1STXOErH04S2s7NsvbQX1MVBHKdbcy0+sf8s9Bn+33FxsAggibjlDo2d/NPa8u6lBWRagsT+hv8isDENgkOTwDqHklyOJj5vwO9Re+i79GLHHh3zWyYl+uTmLRJci2WFaTGQLq2RC72FmczZs1CDJ2MSJIZk9b/KjP0YL7A9issUi863/wJDNuzuTxJjvQ/3i8LLX3gUMUsyY43me7VCJDcPRObXyA3A5bqrOH8yb0OEwRF1oyDcDGISdJBAuurFWPDdcEJhooE+/BweDNUs19zCFr2C+4I/DWctRB1Ta+1ChqJOki8RY3xPDVzpwLwTLo5hS01S42KXKGoiUJuJO1oaT1O4b0gEr7gpJlIAVJ/eo9PSp3vXdnpNBsYdTVArqDJVtC7+rAzeGW4YeocvVv8iaDWufFpq0wDBGGjlTZmTPtlbLHhfhQXBKoZEIulNMVvqzWHgynlluIHLzgNG/kWpSzEap0GIaMzQYr3j/zOlvVNNKBgGJMwtBtaOGPBHKGp+Bi23dWccwtZhbCRz8cgT/mUeklgrd183Qcvq5lQ+QVboJdPsrdUZ4OxGrXMIEWirXDKFfFMV0MPxKTgPuQyyQdYd1BinVhyh8V27ZW2PaH8FNO2KPSabnIYg8FoMvqDPq/S8a9IcHwbeJgmf5xLtHlpyarpOVbzgioKRcpZ1XiYb01jIIiSyUcAhGfndhEpwzHbK0DEsZGlnZXN0PTgyMzI2LHM9ODY2OWFkNjk4ZjYzNjhhYTk1Nzg2ZTczNjI2NGFmODE4ODlhOTY4OTdiYTlhMWFjNjU5ZWEyYTBhYjg0NzlhNjg1YWI3ZmIxODA5YTZmNzM=
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 19 Jun 2017 13:06:44 GMT
x-cdn: Incapsula
etag: "29880516"
status: 200
x-iinfo: 3-59484774-59484760 2VNN RT(1510701807009 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Mon, 06 Nov 2017 21:18:41 GMT
content-length: 10654
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/payment-methods1.png
x-iinfo: 3-59484759-59484760 2NNN RT(1510701806939 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

payment-methods2.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/payment-methods2.png
https://www.bet90.com/img/payment-methods2.png

10 KB
10 KB

45ms
45ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/payment-methods2.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 763e513b0bc90417b56611460d61817b027e02abb5679c3bda51e3189208640f

Request headers

:path: /img/payment-methods2.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 19 Jun 2017 13:07:04 GMT
x-cdn: Incapsula
etag: "502980644"
status: 200
x-iinfo: 3-59484771-59484284 2VNN RT(1510701806976 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=1800, public
content-length: 9885
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/payment-methods2.png
x-iinfo: 3-59484761-59484282 2NNN RT(1510701806940 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

comodo111.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/comodo111.png
https://www.bet90.com/img/comodo111.png

1 KB
1 KB

45ms
44ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/comodo111.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 55581c00c5012460bf4ed45b2bb396ff2b27e90aa40aac94e2e48af7ad701706

Request headers

:path: /img/comodo111.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 10 Jul 2017 11:59:37 GMT
x-cdn: Incapsula
etag: "730419659"
status: 200
x-iinfo: 3-59484770-59483836 2VNN RT(1510701806976 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=1800, public
content-length: 1311
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/comodo111.png
x-iinfo: 3-59484762-59483836 2NNN RT(1510701806940 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

gamcare111.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/gamcare111.png
https://www.bet90.com/img/gamcare111.png

749 B
758 B

34ms
33ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/gamcare111.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 8cd2f792e3b89de150b92e885ae8c345144d60688142d00b62490514342c016b

Request headers

:path: /img/gamcare111.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 10 Jul 2017 12:00:18 GMT
x-cdn: Incapsula
etag: "886961323"
status: 200
x-iinfo: 3-59484782-59484285 2VNN RT(1510701807044 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 749
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/gamcare111.png
x-iinfo: 3-59484775-59484285 2NNN RT(1510701807016 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

gambleaware111.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/gambleaware111.png
https://www.bet90.com/img/gambleaware111.png

3 KB
3 KB

30ms
30ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/gambleaware111.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: f976b594571df74eee7d29bd8237c6b36c5d38904fcea169b7671c7eaac32e61

Request headers

:path: /img/gambleaware111.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 10 Jul 2017 12:00:04 GMT
x-cdn: Incapsula
etag: "997398507"
status: 200
x-iinfo: 3-59484783-59484503 2VNN RT(1510701807051 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 3511
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/gambleaware111.png
x-iinfo: 3-59484776-59484777 2NNN RT(1510701807021 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

minors111.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/minors111.png
https://www.bet90.com/img/minors111.png

642 B
651 B

30ms
30ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/minors111.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 1d3a575cad301b19b445afc70200c8a19026f2b21aabee9f69b8fb1834558cb4

Request headers

:path: /img/minors111.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 10 Jul 2017 11:59:51 GMT
x-cdn: Incapsula
etag: "588526427"
status: 200
x-iinfo: 3-59484785-59484284 2VNN RT(1510701807052 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 642
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/minors111.png
x-iinfo: 3-59484778-59484284 2NNN RT(1510701807022 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

mga_logo.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/mga_logo.png
https://www.bet90.com/img/mga_logo.png

4 KB
4 KB

29ms
29ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/mga_logo.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: f3f6f74203d7f23c4b8cb5ae48d64ce44396149a685c6d22154ae49fd676e074

Request headers

:path: /img/mga_logo.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 19 Jun 2017 13:02:38 GMT
x-cdn: Incapsula
etag: "2124097379"
status: 200
x-iinfo: 3-59484784-59484283 2VNN RT(1510701807051 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 4528
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/mga_logo.png
x-iinfo: 3-59484779-59483836 2NNN RT(1510701807023 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2 200 ceg-seal.js Show response
8094865436ad1eb94a3c.curacao-egaming.com/ Frame 1790 3 KB
3 KB 26ms
6ms Script
application/javascript 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://8094865436ad1eb94a3c.curacao-egaming.com/ceg-seal.js
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a22aa2907b4e6ed29b7c4bb0ec0580a2e389c1804b0751382b924c8ca37e6cca

Request headers

:path: /ceg-seal.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 8094865436ad1eb94a3c.curacao-egaming.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 26 Jun 2017 11:41:52 GMT
server: keycdn-engine
x-amz-request-id: 71640C22CC7A8E09
x-edge-location: defr
etag: "bc0c81197606abd94171dd6ab2186455"
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 3134
x-amz-id-2: KpIkE8KlxdylDmE7y+2WO5SGVNtvhJnFzgsCKcF/+scHy1ckBSPlcemc7cWraEuKUMfnPLMXfK0=

GET
H2 200 spacer-d17d9795.png
8094865436ad1eb94a3c.curacao-egaming.com/ Frame 1790 95 B
104 B 6ms
6ms Image
image/png 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8094865436ad1eb94a3c.curacao-egaming.com/spacer-d17d9795.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

:path: /spacer-d17d9795.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: 8094865436ad1eb94a3c.curacao-egaming.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 26 Jun 2017 11:41:53 GMT
server: keycdn-engine
x-amz-request-id: A1756DD84079C654
x-edge-location: defr
etag: "9591c410148e6883727c5339fd1c02cd"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 95
x-amz-id-2: +0Ue15mWlGPMwbxLzLGqGlM5T4BGCmVUMLia9LIxzLHGMdEFp+HNNKMRTXIEH49Pfkzt8D5AL04=

GET
H2 200 ceg-seal-basic-small-d17d9795.png
8094865436ad1eb94a3c.curacao-egaming.com/ Frame 1790 26 KB
27 KB 16ms
16ms Image
image/png 185.172.148.132
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8094865436ad1eb94a3c.curacao-egaming.com/ceg-seal-basic-small-d17d9795.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 67eb1041fbf1467e104c101749f05dc041677066f17e081ab34478cc533bfa11

Request headers

:path: /ceg-seal-basic-small-d17d9795.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: 8094865436ad1eb94a3c.curacao-egaming.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 26 Jun 2017 11:41:52 GMT
server: keycdn-engine
x-amz-request-id: 3CC502775FD3BE8E
x-edge-location: defr
etag: "863d96fe92487a2d669bc6824e267e8e"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27121
x-amz-id-2: rb+hvv4D+oi/GiI5uconEXKJYFRXdTOXwGFZQbS2iu+S7JfAp11/4EeDZP75lf2UwWZlaY9hOd4=

GET
H2 200 _Incapsula_Resource Show response
www.bet90.com/ Frame 1790 108 KB
16 KB 16ms
16ms Script
application/javascript 107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bet90.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2092605618
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: ef0ce18ac67f6acc2ba207402cd70443dc13d786bbabdefbe7f7b361a35ff2b8

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2092605618
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

status: 200
content-encoding: gzip
cache-control: no-cache
content-length: 15989
content-type: application/javascript

GET
H2

200

debck-image1.jpg
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/debck-image1.jpg
https://www.bet90.com/img/debck-image1.jpg

240 KB
240 KB

32ms
31ms

Image
image/jpeg

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/debck-image1.jpg
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 44656dd3336b57f3bd76bae9a9d4636ed5f931d93eddb638929544aa663a358c

Request headers

:path: /img/debck-image1.jpg
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148; ___utmvc=r+k8OXdi5w6GVcvYA2AKHqzZE9kjDw5WqVRt9yI+f9vDwBhsqdg74+iMwDrdawM4Ny17Ya4g9Xb/i3V5YBnhhjRWJfQC7T8siXdmhZgMyt6SOj/tGq+vTXlUZKsw3do+1oikq7oIECxmEZyMgJEkPjag46orB/QwdNKN8yv+UOKq1RIh1sGd+xgq4D9igj13/iGSY2tv7r2itevACPjFHDqsbq+3Pao2XToiAaolBg0FMnP7xx4pB3IOM4DBeekP64ZcIEwnb7KJGPIDkxMKeu1jRQBN/5kkrgUH+QOYTGdnwPt/ng7lcntG0v9EL+Ghjo4t9hAet+0xTbdr9Iwe5h0EG4TaX0gNaJtxjBpNp2htHqYN3gUctPIyqSMIJmIkrgaT26JwqCmfBTlTYRmh1STXOErH04S2s7NsvbQX1MVBHKdbcy0+sf8s9Bn+33FxsAggibjlDo2d/NPa8u6lBWRagsT+hv8isDENgkOTwDqHklyOJj5vwO9Re+i79GLHHh3zWyYl+uTmLRJci2WFaTGQLq2RC72FmczZs1CDJ2MSJIZk9b/KjP0YL7A9issUi863/wJDNuzuTxJjvQ/3i8LLX3gUMUsyY43me7VCJDcPRObXyA3A5bqrOH8yb0OEwRF1oyDcDGISdJBAuurFWPDdcEJhooE+/BweDNUs19zCFr2C+4I/DWctRB1Ta+1ChqJOki8RY3xPDVzpwLwTLo5hS01S42KXKGoiUJuJO1oaT1O4b0gEr7gpJlIAVJ/eo9PSp3vXdnpNBsYdTVArqDJVtC7+rAzeGW4YeocvVv8iaDWufFpq0wDBGGjlTZmTPtlbLHhfhQXBKoZEIulNMVvqzWHgynlluIHLzgNG/kWpSzEap0GIaMzQYr3j/zOlvVNNKBgGJMwtBtaOGPBHKGp+Bi23dWccwtZhbCRz8cgT/mUeklgrd183Qcvq5lQ+QVboJdPsrdUZ4OxGrXMIEWirXDKFfFMV0MPxKTgPuQyyQdYd1BinVhyh8V27ZW2PaH8FNO2KPSabnIYg8FoMvqDPq/S8a9IcHwbeJgmf5xLtHlpyarpOVbzgioKRcpZ1XiYb01jIIiSyUcAhGfndhEpwzHbK0DEsZGlnZXN0PTgyMzI2LHM9ODY2OWFkNjk4ZjYzNjhhYTk1Nzg2ZTczNjI2NGFmODE4ODlhOTY4OTdiYTlhMWFjNjU5ZWEyYTBhYjg0NzlhNjg1YWI3ZmIxODA5YTZmNzM=
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Mon, 21 Aug 2017 14:02:56 GMT
x-cdn: Incapsula
etag: "1542978589"
status: 200
x-iinfo: 3-59484780-59484283 2VNN RT(1510701807023 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Mon, 06 Nov 2017 21:18:41 GMT
content-length: 245972
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/debck-image1.jpg
x-iinfo: 3-59484764-59484503 2NNN RT(1510701806967 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2 200 oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1790 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2

Requested by

Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/roboto/v18/oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
pragma: no-cache
origin: https://www.bet90.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
Origin: https://www.bet90.com

Response headers

date: Wed, 08 Nov 2017 21:09:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:50 GMT
server: sffe
age: 526440
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 10748
x-xss-protection: 1; mode=block
expires: Thu, 08 Nov 2018 21:09:27 GMT

GET
H2 200 t6Nd4cfPRhZP44Q5QAjcC4gp9Q8gbYrhqGlRav_IXfk.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1790 12 KB
12 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/t6Nd4cfPRhZP44Q5QAjcC4gp9Q8gbYrhqGlRav_IXfk.woff2

Requested by

Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/roboto/v18/t6Nd4cfPRhZP44Q5QAjcC4gp9Q8gbYrhqGlRav_IXfk.woff2
pragma: no-cache
origin: https://www.bet90.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
Origin: https://www.bet90.com

Response headers

date: Fri, 10 Nov 2017 08:49:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:10 GMT
server: sffe
age: 398054
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12368
x-xss-protection: 1; mode=block
expires: Sat, 10 Nov 2018 08:49:13 GMT

GET
H2 200 vPcynSL0qHq_6dX7lKVByXYhjbSpvc47ee6xR_80Hnw.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1790 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/vPcynSL0qHq_6dX7lKVByXYhjbSpvc47ee6xR_80Hnw.woff2

Requested by

Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/roboto/v18/vPcynSL0qHq_6dX7lKVByXYhjbSpvc47ee6xR_80Hnw.woff2
pragma: no-cache
origin: https://www.bet90.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
Origin: https://www.bet90.com

Response headers

date: Fri, 10 Nov 2017 08:31:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:48 GMT
server: sffe
age: 399109
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12352
x-xss-protection: 1; mode=block
expires: Sat, 10 Nov 2018 08:31:38 GMT

GET
H2 200 d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1790 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2

Requested by

Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/roboto/v18/d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2
pragma: no-cache
origin: https://www.bet90.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext
Origin: https://www.bet90.com

Response headers

date: Wed, 08 Nov 2017 02:25:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 593882
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 10764
x-xss-protection: 1; mode=block
expires: Thu, 08 Nov 2018 02:25:25 GMT

GET
H2

200

thw-kiel-logo-bw.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/thw-kiel-logo-bw.png
https://www.bet90.com/img/thw-kiel-logo-bw.png

10 KB
10 KB

29ms
29ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/thw-kiel-logo-bw.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 7953d6b67b8153de49c1a5a81dd4c1b7219ed9b4f10bdd81d722e5f2a42b4339

Request headers

:path: /img/thw-kiel-logo-bw.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Thu, 20 Jul 2017 09:12:24 GMT
x-cdn: Incapsula
etag: "1732668319"
status: 200
x-iinfo: 3-59484789-59484285 2VNN RT(1510701807071 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=1800, public
content-length: 10276
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/thw-kiel-logo-bw.png
x-iinfo: 3-59484781-59484760 2NNN RT(1510701807040 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2

200

FC_Logo-bw.png
www.bet90.com/img/ Frame 1790
Redirect Chain

https://bet90.com/img/FC_Logo-bw.png
https://www.bet90.com/img/FC_Logo-bw.png

145 KB
145 KB

32ms
32ms

Image
image/png

107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/img/FC_Logo-bw.png
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: 39aad3adc50ddb57dac9a4ff2240088a1411d05db733157d801d73935743cb85

Request headers

:path: /img/FC_Logo-bw.png
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 14 Nov 2017 23:23:27 GMT
last-modified: Thu, 20 Jul 2017 09:11:53 GMT
x-cdn: Incapsula
etag: "1440675279"
status: 200
x-iinfo: 3-59484793-59484788 2VNN RT(1510701807087 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=1800, public
content-length: 148514
expires: Tue, 14 Nov 2017 23:53:27 GMT

Redirect headers

date: Tue, 14 Nov 2017 23:23:27 GMT
server: SBTech
status: 301
content-type: text/html
location: https://www.bet90.com/img/FC_Logo-bw.png
x-iinfo: 3-59484787-59484788 2NNN RT(1510701807056 0) q(0 0 0 -1) r(0 0) U11
content-length: 178
x-cdn: Incapsula

GET
H2 200 _Incapsula_Resource
www.bet90.com/ Frame 1790 1 B
10 B 13ms
12ms Image
text/plain 107.154.132.111
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bet90.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9455428554552556
Requested by: Host: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.132.111 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.132.111.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.9455428554552556
pragma: no-cache
cookie: btCookie_IncomeAccessBTAG=654433_4F0F3450E26B4FA89FD5F74A6826B0B5; firstrequest=aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_; cTz=1; oSt2=1; visid_incap_1116900=8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc; incap_ses_474_1116900=sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==; sbtssid=1igeuxfkqyq5t4uctkpqeylo; lng=1148; ___utmvc=r+k8OXdi5w6GVcvYA2AKHqzZE9kjDw5WqVRt9yI+f9vDwBhsqdg74+iMwDrdawM4Ny17Ya4g9Xb/i3V5YBnhhjRWJfQC7T8siXdmhZgMyt6SOj/tGq+vTXlUZKsw3do+1oikq7oIECxmEZyMgJEkPjag46orB/QwdNKN8yv+UOKq1RIh1sGd+xgq4D9igj13/iGSY2tv7r2itevACPjFHDqsbq+3Pao2XToiAaolBg0FMnP7xx4pB3IOM4DBeekP64ZcIEwnb7KJGPIDkxMKeu1jRQBN/5kkrgUH+QOYTGdnwPt/ng7lcntG0v9EL+Ghjo4t9hAet+0xTbdr9Iwe5h0EG4TaX0gNaJtxjBpNp2htHqYN3gUctPIyqSMIJmIkrgaT26JwqCmfBTlTYRmh1STXOErH04S2s7NsvbQX1MVBHKdbcy0+sf8s9Bn+33FxsAggibjlDo2d/NPa8u6lBWRagsT+hv8isDENgkOTwDqHklyOJj5vwO9Re+i79GLHHh3zWyYl+uTmLRJci2WFaTGQLq2RC72FmczZs1CDJ2MSJIZk9b/KjP0YL7A9issUi863/wJDNuzuTxJjvQ/3i8LLX3gUMUsyY43me7VCJDcPRObXyA3A5bqrOH8yb0OEwRF1oyDcDGISdJBAuurFWPDdcEJhooE+/BweDNUs19zCFr2C+4I/DWctRB1Ta+1ChqJOki8RY3xPDVzpwLwTLo5hS01S42KXKGoiUJuJO1oaT1O4b0gEr7gpJlIAVJ/eo9PSp3vXdnpNBsYdTVArqDJVtC7+rAzeGW4YeocvVv8iaDWufFpq0wDBGGjlTZmTPtlbLHhfhQXBKoZEIulNMVvqzWHgynlluIHLzgNG/kWpSzEap0GIaMzQYr3j/zOlvVNNKBgGJMwtBtaOGPBHKGp+Bi23dWccwtZhbCRz8cgT/mUeklgrd183Qcvq5lQ+QVboJdPsrdUZ4OxGrXMIEWirXDKFfFMV0MPxKTgPuQyyQdYd1BinVhyh8V27ZW2PaH8FNO2KPSabnIYg8FoMvqDPq/S8a9IcHwbeJgmf5xLtHlpyarpOVbzgioKRcpZ1XiYb01jIIiSyUcAhGfndhEpwzHbK0DEsZGlnZXN0PTgyMzI2LHM9ODY2OWFkNjk4ZjYzNjhhYTk1Nzg2ZTczNjI2NGFmODE4ODlhOTY4OTdiYTlhMWFjNjU5ZWEyYTBhYjg0NzlhNjg1YWI3ZmIxODA5YTZmNzM=
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.bet90.com
referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
:scheme: https
:method: GET
Referer: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

status: 200
cache-control: no-cache
content-length: 1
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: n156adserv.com
URL: http://n156adserv.com/ads?key=ef3ec3df3f13229a580002f0d30271da&ch=&width=0&height=0

Domain: www.linkbucks.com
URL: http://www.linkbucks.com/AR0gd

Domain: cdn-e2.adverserve.net
URL: https://cdn-e2.adverserve.net/bet90_popunder/Bet90_Popunder_DE.html

Domain: www.bet90.com
URL: https://www.bet90.com/promotions/welcome-offers/?langid=1148&btag=654433_4F0F3450E26B4FA89FD5F74A6826B0B5

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bet90.com/	1970-01-01 00:00:00	Name: incap_ses_474_1116900 Value: sTr4MtHQsknka3IgGf2TBu56C1oAAAAAFOkulnrJBM1leRIs7cgg4g==
.bet90.com/	1978-01-11 21:31:40	Name: cTz Value: 1
.bet90.com/	1978-01-11 21:31:40	Name: lng Value: 1148
.bet90.com/	1970-01-01 00:00:00	Name: sbtssid Value: 1igeuxfkqyq5t4uctkpqeylo
.bet90.com/	1970-01-18 20:23:50	Name: visid_incap_1116900 Value: 8trdu/7qQLC6/0fP9vmW2u56C1oAAAAAQUIPAAAAAACypP0rWbGghYSjRWhAVvNc
.bet90.com/	1970-01-18 11:42:41	Name: firstrequest Value: aHR0cDovL3d3dy5iZXQ5MC5jb20vcHJvbW90aW9ucy93ZWxjb21lLW9mZmVycy8/bGFuZ2lkPTExNDgmYnRhZz02NTQ0MzNfNEYwRjM0NTBFMjZCNEZBODlGRDVGNzRBNjgyNkIwQjU_
.bet90.com/	1978-01-11 21:31:40	Name: oSt2 Value: 1
.bet90.com/	1970-01-18 12:21:33	Name: btCookie_IncomeAccessBTAG Value: 654433_4F0F3450E26B4FA89FD5F74A6826B0B5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 2) Message: E2 Debugging \| Werbemittel Aufruf gestartet \| kid=2187865 bid=7433990 cid=3935772 \| 1x1 \| Zusatzinformation

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8094865436ad1eb94a3c.curacao-egaming.com
ad1.adfarm1.adition.com
bet90.com
cdn-e2.adverserve.net
click.smytrafficfilter.com
fonts.googleapis.com
fonts.gstatic.com
get35.com
imagesrv.adition.com
n156adserv.com
www.bet90.com
www.google-analytics.com
www.linkbucks.com
cdn-e2.adverserve.net
n156adserv.com
www.bet90.com
www.linkbucks.com
104.20.12.25
104.20.13.25
107.154.132.111
185.172.148.132
199.212.255.138
206.54.177.233
212.124.115.210
217.79.188.11
217.79.188.2
23.111.11.78
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:814::200e
084dc8667c3daf90da59b994d6b4a4fd545b37f22ee597605b787181207d33a7
0866d14e69e10eedda46655e32c88358d1e8fb6ff0d7ff9b20f73d2e89b70cc5
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
1d3a575cad301b19b445afc70200c8a19026f2b21aabee9f69b8fb1834558cb4
22ddf8cd9800105775a5227dc62195726edb2c07b0656273bd7008cd7edbe9de
30e3791676fdd895a1c934596e7bfed6dc408af13b13f7ad0512d36136b291b0
39aad3adc50ddb57dac9a4ff2240088a1411d05db733157d801d73935743cb85
3ae827e7645b03278e38ee547029f4ac8adfd88c6f428d6ca88eed205cff44de
3e65c3cac95d50b82b1490ebca6006e6609d77890c5e1d05e5c9de9952417519
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44656dd3336b57f3bd76bae9a9d4636ed5f931d93eddb638929544aa663a358c
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
55581c00c5012460bf4ed45b2bb396ff2b27e90aa40aac94e2e48af7ad701706
556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9
57021d01dfa35545acab100ac83415a3cd1af0a2babff66171ff0770e479850a
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
67eb1041fbf1467e104c101749f05dc041677066f17e081ab34478cc533bfa11
763e513b0bc90417b56611460d61817b027e02abb5679c3bda51e3189208640f
7953d6b67b8153de49c1a5a81dd4c1b7219ed9b4f10bdd81d722e5f2a42b4339
7d73633b897dd91621460197a7cc6d2f2353b30aa54102b6ccd29e5cc49dc91d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c06cad4a625571e459328609b24f22755275dac4c577d9d4e0d7569aa39ca2c
8cd2f792e3b89de150b92e885ae8c345144d60688142d00b62490514342c016b
90bb7b964e8aee4f0caf5b45ccd36d2fb7057a46bbb6fccf0439912764015b4f
a22aa2907b4e6ed29b7c4bb0ec0580a2e389c1804b0751382b924c8ca37e6cca
a751d6f065b95accaa4b6fbe857ba2534d28c3eb682b6f5bb0b3ed322b35e846
ac7e5e2f553bc944caa19ef20d310a3eb7f65814b31b6976618b33639365cf7f
b9b712e81d2a80c8193c3b48294b50a900acc12626b77691fb5cab7e05fb4079
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4f2c4c513b8337a171783e878b60b17b013cec3e1d3dd37c12880df3ba7d82
ed20e86021fbd5b9d489483cded4dba5daebdc3db1c29e656c49bf9b7c2e3c21
ef0ce18ac67f6acc2ba207402cd70443dc13d786bbabdefbe7f7b361a35ff2b8
f3f6f74203d7f23c4b8cb5ae48d64ce44396149a685c6d22154ae49fd676e074
f489ba4ca5fa974e80cb424a4caa512d20dee888687988ee5a88c8fa91ba0450
f976b594571df74eee7d29bd8237c6b36c5d38904fcea169b7671c7eaac32e61
feeb3befef4e4450a2363ec179f9c397d0f9a735b216698bb3f8b44262be7f28

click.smytrafficfilter.com Open in urlscan Pro 199.212.255.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

72 %HTTPS

23 %IPv6

11 Domains

13 Subdomains

13 IPs

5 Countries

901 kBTransfer

1093 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

click.smytrafficfilter.com Open in urlscan Pro
199.212.255.138 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

72 %
HTTPS

23 %
IPv6

11
Domains

13
Subdomains

13
IPs

5
Countries

901 kB
Transfer

1093 kB
Size

8
Cookies

43 HTTP transactions
0 data transactions