urlscan.io logo urlscan.io
SecurityTrails logo

ro.betano.com Open in urlscan Pro
2606:4700::6811:5559  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ag0209.gways.net/print/UIHA7/LVP2D0/?cid=15588425791567799204034591609024264
Effective URL: https://ro.betano.com/myaccount/ban/country-284180
Submission: On May 26 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 6 countries across 15 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6811:5559, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ro.betano.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on April 2nd 2019. Valid for: 6 months.
This is the only time ro.betano.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.31.172.34 16509 (AMAZON-02)
2 148.69.64.76 12353 (VODAFONE-...)
1 148.69.64.74 12353 (VODAFONE-...)
2 2 91.92.196.190 49882 (SKRILL)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.162 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
29 15
1    52.31.172.34 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-172-34.eu-west-1.compute.amazonaws.com
ag0209.gways.net
2    148.69.64.76 (Lisbon, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
clevernt.com
sender.clevernt.com
1    148.69.64.74 (Lisbon, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: bus.clevernt.com
bus.clevernt.com
2    91.92.196.190 (United Kingdom)

ASN49882 (SKRILL, GB)
wlstoiximan.adsrv.eacdn.com
3    2606:4700::6811:5559 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ro.betano.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    2606:4700::6813:b110 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.gmlinteractive.com
2    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
6 static.gmlinteractive.com ro.betano.com
3 connect.facebook.net clevernt.com
connect.facebook.net
3 ro.betano.com 2 redirects bus.clevernt.com
2 www.facebook.com ro.betano.com
2 www.google.de ro.betano.com
2 www.google.com ro.betano.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 fonts.gstatic.com ro.betano.com
2 www.google-analytics.com 1 redirects ro.betano.com
2 www.googletagmanager.com ro.betano.com
2 wlstoiximan.adsrv.eacdn.com 2 redirects
1 stats.g.doubleclick.net ro.betano.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.googleapis.com ro.betano.com
1 bus.clevernt.com sender.clevernt.com
1 sender.clevernt.com clevernt.com
1 clevernt.com
1 ag0209.gways.net 1 redirects
29 18

This site contains no links.

Subject Issuer Validity Valid
sender.clevernt.com
Let's Encrypt Authority X3		 2019-03-18 -
2019-06-16		 3 months crt.sh
bus.clevernt.com
Let's Encrypt Authority X3		 2019-05-14 -
2019-08-12		 3 months crt.sh
ssl713727.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-02 -
2019-10-09		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
ssl945358.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-11-26 -
2019-09-18		 10 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ro.betano.com/myaccount/ban/country-284180
Frame ID: CE6F2036133743D7EBB6AC6953710608
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ag0209.gways.net/print/UIHA7/LVP2D0/?cid=15588425791567799204034591609024264 HTTP 302
    http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg Page URL
  2. https://sender.clevernt.com/transporter/23582.php?r=831973933&ref=aHR0cDovL2NsZXZlcm50LmNvbS9yZWRpcmVjdD... Page URL
  3. https://bus.clevernt.com/iHMpEME-NZJ0Uhy0E8MjSNsbOWMVaU5vcrX9EU9Kxax35TBsbi_sQsGaW07Ym8jTm3qm6td4Boxh... Page URL
  4. https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_361b_68c_&affid=139&siteid=361&adid=68&c=G13-AR-1380 HTTP 302
    https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_361b_68c_&affid=139&siteid=361&adid=68&c=G13-AR-1380&AutoR=1 HTTP 302
    https://ro.betano.com/?btag=a_361b_68c_G13-AR-1380&siteid=361 HTTP 302
    https://ro.betano.com/?siteid=361 HTTP 302
    https://ro.betano.com/myaccount/ban/country-284180 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^requirejs$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

29
Requests

97 %
HTTPS

71 %
IPv6

15
Domains

18
Subdomains

15
IPs

6
Countries

598 kB
Transfer

1679 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ag0209.gways.net/print/UIHA7/LVP2D0/?cid=15588425791567799204034591609024264 HTTP 302
    http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg Page URL
  2. https://sender.clevernt.com/transporter/23582.php?r=831973933&ref=aHR0cDovL2NsZXZlcm50LmNvbS9yZWRpcmVjdDIzNTgyLz9jbGlja2lkPUxWUDJEMDE1NTg4NDMxMDliYXU5NTJ2amtnOHFlNDZpdWJxZw%3D%3D&tok=987261260519162789&wn=&sw=1600&sh=1200&res=1600x1200&c=2&ruri= Page URL
  3. https://bus.clevernt.com/iHMpEME-NZJ0Uhy0E8MjSNsbOWMVaU5vcrX9EU9Kxax35TBsbi_sQsGaW07Ym8jTm3qm6td4BoxhBSsvWoPRDhBbJIw2iO2piFIV7QMvQcynmOw2OnAuWlGAKuN5LSMiYxP9fQSIeWUAFhU7hoZsmlTF50bfUoPQcfUJH_Mxi5ZD4qLhJdEM-t7bukuclFpmj0Dpa7i6GGLgSVmOmgm2Tw==.html Page URL
  4. https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_361b_68c_&affid=139&siteid=361&adid=68&c=G13-AR-1380 HTTP 302
    https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_361b_68c_&affid=139&siteid=361&adid=68&c=G13-AR-1380&AutoR=1 HTTP 302
    https://ro.betano.com/?btag=a_361b_68c_G13-AR-1380&siteid=361 HTTP 302
    https://ro.betano.com/?siteid=361 HTTP 302
    https://ro.betano.com/myaccount/ban/country-284180 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ag0209.gways.net/print/UIHA7/LVP2D0/?cid=15588425791567799204034591609024264 HTTP 302
  • http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=334779240&t=pageview&_s=1&dl=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=368703696&gjid=1307781307&cid=561340851.1558843111&tid=UA-76226148-1&_gid=22295198.1558843111&_r=1&gtm=2wg5f2MRSD45L&z=617869609 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76226148-1&cid=561340851.1558843111&jid=368703696&_gid=22295198.1558843111&gjid=1307781307&_v=j75&z=617869609

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
clevernt.com/redirect23582/
Redirect Chain
  • https://ag0209.gways.net/print/UIHA7/LVP2D0/?cid=15588425791567799204034591609024264
  • http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
Protocol
HTTP/1.1
Server
148.69.64.76 Lisbon, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
are.clevernt.com
Software
nginx /
Resource Hash
18821b0e24ca29be119d71198978d39a18227afe6bd625d06eadf4175594d78b

Request headers

Host
clevernt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Sun, 26 May 2019 03:58:29 GMT
Content-Type
text/html
Last-Modified
Sun, 26 May 2019 01:01:37 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5ce9e571-1dab"
Expires
Sun, 26 May 2019 04:58:29 GMT
Cache-Control
max-age=3600
Content-Encoding
gzip

Redirect headers

status
302
date
Sun, 26 May 2019 03:58:29 GMT
content-type
text/html
content-length
158
location
http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
server
openresty
set-cookie
_crouge=LVP2D01558843109bau952vjkg8qe46iubqg_1558843109_uiha7;Path=/;
clickid
LVP2D01558843109bau952vjkg8qe46iubqg
dbg
UIHA7|167|-|720|LVP2D0|-|-|-
target
http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
23582.php
sender.clevernt.com/transporter/ 		920 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sender.clevernt.com/transporter/23582.php?r=831973933&ref=aHR0cDovL2NsZXZlcm50LmNvbS9yZWRpcmVjdDIzNTgyLz9jbGlja2lkPUxWUDJEMDE1NTg4NDMxMDliYXU5NTJ2amtnOHFlNDZpdWJxZw%3D%3D&tok=987261260519162789&wn=&sw=1600&sh=1200&res=1600x1200&c=2&ruri=
Requested by
Host: clevernt.com
URL: http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.69.64.76 Lisbon, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
are.clevernt.com
Software
nginx /
Resource Hash
9bd6a2628dc63f93b3c7e677905f4e7771512595e798c06925e59d69b1909e3f

Request headers

:method
GET
:authority
sender.clevernt.com
:scheme
https
:path
/transporter/23582.php?r=831973933&ref=aHR0cDovL2NsZXZlcm50LmNvbS9yZWRpcmVjdDIzNTgyLz9jbGlja2lkPUxWUDJEMDE1NTg4NDMxMDliYXU5NTJ2amtnOHFlNDZpdWJxZw%3D%3D&tok=987261260519162789&wn=&sw=1600&sh=1200&res=1600x1200&c=2&ruri=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg

Response headers

status
200
server
nginx
date
Sun, 26 May 2019 03:58:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
hstpv4user=eyJJRCI6IjU5MjI3NTg0YXJlNWNlYTBlZTU5NGRkYyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJNYWNPU1giLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOiIzMTEwNjQ4MDM3IiwiTGFzdFVwZGF0ZSI6MTU1ODg0MzEwOX0%3D; expires=Wed, 23-May-2029 03:58:29 GMT; Max-Age=315360000; path=/; domain=.clevernt.com hstpv4=ODAwMjItMC1ERQ%3D%3D; expires=Mon, 25-May-2020 03:58:29 GMT; Max-Age=31536000; path=/; domain=.clevernt.com
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Sun, 26 May 2019 03:58:29 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
iHMpEME-NZJ0Uhy0E8MjSNsbOWMVaU5vcrX9EU9Kxax35TBsbi_sQsGaW07Ym8jTm3qm6td4BoxhBSsvWoPRDhBbJIw2iO2piFIV7QMvQcynmOw2OnAuWlGAKuN5LSMiYxP9fQSIeWUAFhU7hoZsmlTF50bfUoPQcfUJH_Mxi5ZD4qLhJdEM-t7bukuclFpmj0Dpa...
bus.clevernt.com/ 		465 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bus.clevernt.com/iHMpEME-NZJ0Uhy0E8MjSNsbOWMVaU5vcrX9EU9Kxax35TBsbi_sQsGaW07Ym8jTm3qm6td4BoxhBSsvWoPRDhBbJIw2iO2piFIV7QMvQcynmOw2OnAuWlGAKuN5LSMiYxP9fQSIeWUAFhU7hoZsmlTF50bfUoPQcfUJH_Mxi5ZD4qLhJdEM-t7bukuclFpmj0Dpa7i6GGLgSVmOmgm2Tw==.html
Requested by
Host: sender.clevernt.com
URL: https://sender.clevernt.com/transporter/23582.php?r=831973933&ref=aHR0cDovL2NsZXZlcm50LmNvbS9yZWRpcmVjdDIzNTgyLz9jbGlja2lkPUxWUDJEMDE1NTg4NDMxMDliYXU5NTJ2amtnOHFlNDZpdWJxZw%3D%3D&tok=987261260519162789&wn=&sw=1600&sh=1200&res=1600x1200&c=2&ruri=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.69.64.74 Lisbon, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
bus.clevernt.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
bus.clevernt.com
:scheme
https
:path
/iHMpEME-NZJ0Uhy0E8MjSNsbOWMVaU5vcrX9EU9Kxax35TBsbi_sQsGaW07Ym8jTm3qm6td4BoxhBSsvWoPRDhBbJIw2iO2piFIV7QMvQcynmOw2OnAuWlGAKuN5LSMiYxP9fQSIeWUAFhU7hoZsmlTF50bfUoPQcfUJH_Mxi5ZD4qLhJdEM-t7bukuclFpmj0Dpa7i6GGLgSVmOmgm2Tw==.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
hstpv4user=eyJJRCI6IjU5MjI3NTg0YXJlNWNlYTBlZTU5NGRkYyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJNYWNPU1giLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOiIzMTEwNjQ4MDM3IiwiTGFzdFVwZGF0ZSI6MTU1ODg0MzEwOX0%3D; hstpv4=ODAwMjItMC1ERQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Sun, 26 May 2019 03:58:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
Primary Request country-284180
ro.betano.com/myaccount/ban/
Redirect Chain
  • https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_361b_68c_&affid=139&siteid=361&adid=68&c=G13-AR-1380
  • https://wlstoiximan.adsrv.eacdn.com/C.ashx?btag=a_361b_68c_&affid=139&siteid=361&adid=68&c=G13-AR-1380&AutoR=1
  • https://ro.betano.com/?btag=a_361b_68c_G13-AR-1380&siteid=361
  • https://ro.betano.com/?siteid=361
  • https://ro.betano.com/myaccount/ban/country-284180
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ro.betano.com/myaccount/ban/country-284180
Requested by
Host: bus.clevernt.com
URL: https://bus.clevernt.com/iHMpEME-NZJ0Uhy0E8MjSNsbOWMVaU5vcrX9EU9Kxax35TBsbi_sQsGaW07Ym8jTm3qm6td4BoxhBSsvWoPRDhBbJIw2iO2piFIV7QMvQcynmOw2OnAuWlGAKuN5LSMiYxP9fQSIeWUAFhU7hoZsmlTF50bfUoPQcfUJH_Mxi5ZD4qLhJdEM-t7bukuclFpmj0Dpa7i6GGLgSVmOmgm2Tw==.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
116cfc45cc4700aec59d23bff2f48eb1c0c3dcb9fe92577f0bcc68e6c911296a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.betano.com:*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ro.betano.com
:scheme
https
:path
/myaccount/ban/country-284180
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
_landing=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sun, 26 May 2019 03:58:31 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd8f0895501884c6da0404401342aa4cb1558843111; expires=Mon, 25-May-20 03:58:31 GMT; path=/; domain=.betano.com; HttpOnly __RequestVerificationToken=1InsR8y_aF1P59VEIMvOCxEYi49pyUeo72o6LipzicDV7IcXwXrgnL970ikqmzmKw7sNwF-qOSDl7cn2LtguqWPreaAJyiRQ9dMTswzPSzE1; path=/; secure; HttpOnly sticky=stx43.188
content-security-policy
frame-ancestors https://*.betano.com:*
x-farm
3
age
0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-encoding
gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4dccd4c4fe00d701-FRA

Redirect headers

status
302
date
Sun, 26 May 2019 03:58:31 GMT
content-type
text/html; charset=utf-8
content-length
146
location
/myaccount/ban/country-284180
content-security-policy
frame-ancestors https://*.betano.com:*
set-cookie
_landing=1; expires=Tue, 26-May-2020 03:58:30 GMT; path=/; secure
x-farm
28
age
0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4dccd4c0ee97d701-FRA
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
678221938b349cc06a42e2f9c817712ee18ea1cbf48e300cb6a4e34853dbccd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 26 May 2019 03:58:31 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 26 May 2019 03:58:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 26 May 2019 03:58:31 GMT
betano.css
static.gmlinteractive.com/myaccount/css/ 		394 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.gmlinteractive.com/myaccount/css/betano.css?jZs5KN5WW_RHeaPEgEnRDQ28
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a941692a764c1e8f38075ece8dcac8d9b517215e79c193baf56e72ff36a9728

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
etag
"7554db63b910d51:0"
cf-cache-status
HIT
last-modified
Wed, 22 May 2019 16:14:10 GMT
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
x-farm
14
cache-control
public, max-age=14400
cf-ray
4dccd4c5b84dd6e1-FRA
expires
Sun, 26 May 2019 07:58:31 GMT
no-ie-betano.css
static.gmlinteractive.com/myaccount/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.gmlinteractive.com/myaccount/css/no-ie-betano.css?uLsQ8vge45Jrqr6D93lnUQ28
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d6e5646255db570dd950f7f502b37fbe8b8af950382c12b6a66bbc0592e4cb69

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
ASP.NET
status
200
content-length
2128
last-modified
Wed, 22 May 2019 16:14:10 GMT
server
cloudflare
etag
"977bdb63b910d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-farm
14
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4dccd4c5b84fd6e1-FRA
expires
Sun, 26 May 2019 07:58:31 GMT
modernizr-custom.js
static.gmlinteractive.com/myaccount/js/thirdparty/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.gmlinteractive.com/myaccount/js/thirdparty/modernizr-custom.js?Vg8uRmBKDs4-zGlCYSCmaw28
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e82db7a4f0832f60b27dc79cf27983e545d0521312436d9e1ea537b2f54a59f8

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
ASP.NET
status
200
content-length
2405
last-modified
Wed, 06 Mar 2019 12:14:55 GMT
server
cloudflare
etag
"c5f7f3516d4d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-farm
15
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4dccd4c5b850d6e1-FRA
expires
Sun, 26 May 2019 07:58:31 GMT
js
www.googletagmanager.com/gtag/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-925512119
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
89c8851852f29a95db46024c2b8f9b9e58670e5a4badec2a5c2d53e423f440f4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
br
last-modified
Fri, 24 May 2019 18:18:32 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25270
x-xss-protection
0
expires
Sun, 26 May 2019 03:58:31 GMT
messages.client.ro.ctxt.js
static.gmlinteractive.com/myaccount/js/resources/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.gmlinteractive.com/myaccount/js/resources/messages.client.ro.ctxt.js?VupPyqeU4mimXllpvJ0eKg28
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
06ea56a81f2873595cbf1acdd06f1e39a45e7cf6581a008c3604b91a52a40613

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
ASP.NET
status
200
content-length
5600
last-modified
Wed, 22 May 2019 16:14:09 GMT
server
cloudflare
etag
"bf25063b910d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-farm
15
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4dccd4c5b852d6e1-FRA
expires
Sun, 26 May 2019 07:58:31 GMT
myaccount.min.js
static.gmlinteractive.com/myaccount/js/ 		642 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.gmlinteractive.com/myaccount/js/myaccount.min.js?zbpRlREvO6z_nUmUJ_r3hQ28
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5c3bf3c44b476debe9ef30923782696f36a7171d16175cf4803f9df30c0176a4

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
etag
"f173213ab910d51:0"
cf-cache-status
HIT
last-modified
Wed, 22 May 2019 16:13:00 GMT
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-farm
15
cache-control
public, max-age=14400
cf-ray
4dccd4c5b851d6e1-FRA
expires
Sun, 26 May 2019 07:58:31 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
1558
date
Sun, 26 May 2019 03:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Sun, 26 May 2019 05:32:33 GMT
gtm.js
www.googletagmanager.com/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRSD45L
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
26aaacb02d566e44184c224996118a264c71771844468a0840c8649dff6a33b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
br
last-modified
Fri, 24 May 2019 18:18:32 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22685
x-xss-protection
0
expires
Sun, 26 May 2019 03:58:31 GMT
betano_sprite.png
static.gmlinteractive.com/myaccount/images/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.gmlinteractive.com/myaccount/images/betano_sprite.png?abfabc34-1558541650672
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d025ca3fc035438bf68c6ef029c9f573bf84c81e67554f494e0fa0ae5a88250b

Request headers

Referer
https://static.gmlinteractive.com/myaccount/css/betano.css?jZs5KN5WW_RHeaPEgEnRDQ28
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
cf-cache-status
HIT
x-powered-by
ASP.NET
status
200
content-disposition
inline; filename="betano_sprite.webp"
cf-bgj
imgq:100
content-length
87294
last-modified
Thu, 09 May 2019 15:40:35 GMT
server
cloudflare
etag
"bd3d5a8b7d6d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
x-farm
15
cache-control
public, max-age=14400
cf-polished
origFmt=png, origSize=105050
accept-ranges
bytes
cf-ray
4dccd4c5f8c1d6e1-FRA
expires
Sun, 26 May 2019 07:58:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext
Origin
https://ro.betano.com

Response headers

date
Mon, 25 Mar 2019 20:20:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
5297900
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:11 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext
Origin
https://ro.betano.com

Response headers

date
Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
5297939
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:32 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-925512119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8870
x-xss-protection
0
server
cafe
etag
2606668133852809251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 May 2019 03:58:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: clevernt.com
URL: http://clevernt.com/redirect23582/?clickid=LVP2D01558843109bau952vjkg8qe46iubqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
LMjlrWXxN5hzfIPkF5a2XAHtNhELdjhc1BtZYSEbmymffiEtDxxLoeC1TjuPC3L2+7PSq15yKlC8i27nfJ/dbA==
date
Sun, 26 May 2019 03:58:31 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=334779240&t=pageview&_s=1&dl=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76226148-1&cid=561340851.1558843111&jid=368703696&_gid=22295198.1558843111&gjid=1307781307&_v=j75&z=617869609
35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76226148-1&cid=561340851.1558843111&jid=368703696&_gid=22295198.1558843111&gjid=1307781307&_v=j75&z=617869609
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sun, 26 May 2019 03:58:31 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76226148-1&cid=561340851.1558843111&jid=368703696&_gid=22295198.1558843111&gjid=1307781307&_v=j75&z=617869609
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
415
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/925512119/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925512119/?random=1558843111443&cv=9&fst=1558843111443&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e8402b49e6b57ed525e4722b3b7e732638f4b580a499857dc6b8b492b261361e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
929
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/925512119/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925512119/?random=1558843111448&cv=9&fst=1558843111448&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7eb47b7c55bb3587e13b3d921b828c663a82157eb8d2608f15aae13e37a949b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
964
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
283972702385232
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/283972702385232?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
75d46b2d335e6573e7fb9263178a86202a8ca2ba0640cc35fdc286382db9e2f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
56215
x-xss-protection
0
pragma
public
x-fb-debug
92yQL7TDq6lbmorXL3GWTo+Iq0vVKldhzoZhTet2ZuQksjAR9pCVTFh1z/oHXjsTZ3kV6O0Plq/S2XOQ4KDvWA==
date
Sun, 26 May 2019 03:58:31 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/925512119/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/925512119/?random=1558843111443&cv=9&fst=1558839600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&async=1&fmt=3&cdct=2&is_vtc=1&random=3180040065&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/925512119/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/925512119/?random=1558843111443&cv=9&fst=1558839600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&async=1&fmt=3&cdct=2&is_vtc=1&random=3180040065&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/925512119/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/925512119/?random=1558843111448&cv=9&fst=1558839600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&async=1&fmt=3&cdct=2&is_vtc=1&random=3099166726&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/925512119/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/925512119/?random=1558843111448&cv=9&fst=1558839600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&async=1&fmt=3&cdct=2&is_vtc=1&random=3099166726&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 May 2019 03:58:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
Y9mD/cCBlSWjDPd/xBEswm1VlUH0aunnwnNuiA+WqDjVXpfkhnnw3tOUtQ5pS1HRuQWbFrAwZXMb0gHrP4Rb4Q==
date
Sun, 26 May 2019 03:58:31 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=283972702385232&ev=PageView&dl=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&rl=&if=false&ts=1558843111525&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1558843111525.30036421&it=1558843111485&coo=false&rqm=GET
Requested by
Host: ro.betano.com
URL: https://ro.betano.com/myaccount/ban/country-284180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sun, 26 May 2019 03:58:31 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=283972702385232&ev=Microdata&dl=https%3A%2F%2Fro.betano.com%2Fmyaccount%2Fban%2Fcountry-284180&rl=&if=false&ts=1558843113029&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1558843111525.30036421&it=1558843111485&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ro.betano.com/myaccount/ban/country-284180
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 26 May 2019 03:58:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sun, 26 May 2019 03:58:33 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| Modernizr string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| myaccount object| google_tag_manager object| resourceJson object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq function| requirejs function| require function| define function| $ function| jQuery object| html5 object| respond function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| jQuery111309542609932638126 function| cssmap object| excludeFromPrefix object| a function| blockPage object| __core-js_shared__

11 Cookies

Domain/Path Name / Value
ro.betano.com/ Name: _tz_intl
Value: UTC
.betano.com/ Name: _gat_UA-76226148-1
Value: 1
ro.betano.com/ Name: _tz
Value: 0
.betano.com/ Name: _gid
Value: GA1.2.22295198.1558843111
.betano.com/ Name: _fbp
Value: fb.1.1558843111525.30036421
.betano.com/ Name: _gcl_au
Value: 1.1.242355490.1558843111
ro.betano.com/ Name: __RequestVerificationToken
Value: 1InsR8y_aF1P59VEIMvOCxEYi49pyUeo72o6LipzicDV7IcXwXrgnL970ikqmzmKw7sNwF-qOSDl7cn2LtguqWPreaAJyiRQ9dMTswzPSzE1
ro.betano.com/ Name: _landing
Value: 1
ro.betano.com/myaccount/ban Name: sticky
Value: stx43.188
.betano.com/ Name: _ga
Value: GA1.2.561340851.1558843111
.betano.com/ Name: __cfduid
Value: dd8f0895501884c6da0404401342aa4cb1558843111

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ag0209.gways.net
bus.clevernt.com
clevernt.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ro.betano.com
sender.clevernt.com
static.gmlinteractive.com
stats.g.doubleclick.net
wlstoiximan.adsrv.eacdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
148.69.64.74
148.69.64.76
172.217.16.162
2606:4700::6811:5559
2606:4700::6813:b110
2a00:1450:4001:809::2002
2a00:1450:4001:815::200e
2a00:1450:4001:816::2004
2a00:1450:4001:818::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:821::2003
2a00:1450:400c:c08::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.31.172.34
91.92.196.190
06ea56a81f2873595cbf1acdd06f1e39a45e7cf6581a008c3604b91a52a40613
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116cfc45cc4700aec59d23bff2f48eb1c0c3dcb9fe92577f0bcc68e6c911296a
18821b0e24ca29be119d71198978d39a18227afe6bd625d06eadf4175594d78b
26aaacb02d566e44184c224996118a264c71771844468a0840c8649dff6a33b6
2a941692a764c1e8f38075ece8dcac8d9b517215e79c193baf56e72ff36a9728
5c3bf3c44b476debe9ef30923782696f36a7171d16175cf4803f9df30c0176a4
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
678221938b349cc06a42e2f9c817712ee18ea1cbf48e300cb6a4e34853dbccd2
75d46b2d335e6573e7fb9263178a86202a8ca2ba0640cc35fdc286382db9e2f6
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
7eb47b7c55bb3587e13b3d921b828c663a82157eb8d2608f15aae13e37a949b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89c8851852f29a95db46024c2b8f9b9e58670e5a4badec2a5c2d53e423f440f4
9bd6a2628dc63f93b3c7e677905f4e7771512595e798c06925e59d69b1909e3f
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d025ca3fc035438bf68c6ef029c9f573bf84c81e67554f494e0fa0ae5a88250b
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
d6e5646255db570dd950f7f502b37fbe8b8af950382c12b6a66bbc0592e4cb69
e82db7a4f0832f60b27dc79cf27983e545d0521312436d9e1ea537b2f54a59f8
e8402b49e6b57ed525e4722b3b7e732638f4b580a499857dc6b8b492b261361e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3