urlscan.io logo urlscan.io
SecurityTrails logo

roobet.com Open in urlscan Pro
2606:4700:4400::6812:240d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://driversoil.roblogram.com/
Effective URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_me...
Submission Tags: phishingrod
Submission: On October 13 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 21 HTTP transactions. The main IP is 2606:4700:4400::6812:240d, located in United States and belongs to CLOUDFLARENET, US. The main domain is roobet.com. The Cisco Umbrella rank of the primary domain is 637479.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.
This is the only time roobet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 70.32.1.32 32181 (ASN-GIGENET)
1 4 103.224.182.206 133618 (TRELLIAN-...)
1 1 35.234.86.61 396982 (GOOGLE-CL...)
9 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:251... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
21 7
1    70.32.1.32 (Ashburn, United States)

ASN32181 (ASN-GIGENET, US)
PTR: ip-70.32.1.32.hosted.by.gigenet.com
driversoil.roblogram.com
4    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
cibago.com
1    35.234.86.61 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.86.234.35.bc.googleusercontent.com
go.roobetaffiliates.com
9    2606:4700:4400::6812:240d (United States)

ASN13335 (CLOUDFLARENET, US)
roobet.com
1    2606:4700:3036::6815:5fd4 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.seondf.com
2    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:9000:2510:9a00:b:ba05:1580:93a1 (United States)

ASN16509 (AMAZON-02, US)
b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com
1    2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
9 roobet.com
roobet.com — Cisco Umbrella Rank: 637479
92 KB
4 cibago.com
cibago.com
3 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
107 KB
1 certria.com
b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com
2 KB
1 seondf.com
cdn.seondf.com — Cisco Umbrella Rank: 122340
180 KB
1 roobetaffiliates.com
go.roobetaffiliates.com
704 B
1 roblogram.com
driversoil.roblogram.com
2 KB
0 adsrvr.org Failed
js.adsrvr.org Failed
0 paymentiq.io Failed
static.paymentiq.io Failed
21 10
Domain Requested by
9 roobet.com cibago.com
roobet.com
4 cibago.com 1 redirects cibago.com
2 static.cloudflareinsights.com roobet.com
1 www.googletagmanager.com roobet.com
www.googletagmanager.com
1 b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com roobet.com
1 cdn.seondf.com roobet.com
1 go.roobetaffiliates.com 1 redirects
1 driversoil.roblogram.com 1 redirects
0 js.adsrvr.org Failed www.googletagmanager.com
0 static.paymentiq.io Failed roobet.com
21 10

This site contains no links.

Subject Issuer Validity Valid
npgroup.au
R10		 2024-08-15 -
2024-11-13		 3 months crt.sh
roobet.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
seondf.com
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.seals-xcm.certria.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-06-11 -
2025-07-13		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Frame ID: 082382C0D979015DCB2FD3F4F45DB80D
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roobet | Crypto's Fastest Growing Casino

Page URL History Show full URLs

  1. https://driversoil.roblogram.com/ HTTP 302
    http://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8yd... HTTP 307
    https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8yd... Page URL
  2. https://cibago.com/r.php?u=https%3A%2F%2Fgo.roobetaffiliates.com%2Fvisit%2F%3Fbta%3D35630%26bra... HTTP 302
    https://go.roobetaffiliates.com/visit/?bta=35630&brand=roobet&afp=.ca.01.nonadult&afp1=1993344207&utm_campai... HTTP 302
    https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

21
Requests

67 %
HTTPS

63 %
IPv6

10
Domains

10
Subdomains

7
IPs

3
Countries

398 kB
Transfer

5366 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://driversoil.roblogram.com/ HTTP 302
    http://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09 HTTP 307
    https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09 Page URL
  2. https://cibago.com/r.php?u=https%3A%2F%2Fgo.roobetaffiliates.com%2Fvisit%2F%3Fbta%3D35630%26brand%3Droobet%26afp%3D.ca.01.nonadult%26afp1%3D1993344207%26utm_campaign%3DTRL&s=j&enc=IFLMMZ74SLi%2FulgwOtql4349fktYVm01QmtDK243RlRLUk51MGIza0pRVS83eUUzb0lYeEkrMGhCUmNkNkxKbEdzYysxamQ2Z0plRElrMWNod3E4aEtESDM4T2l6YUVNSkdBVEhBcWsxNzNVa0RRekdmQUdUQzMrdWx2SUNRS3FmcnkxcE10dU0xSXNsbzh1SVFSYmpJemVBQ3dyUEFTWm5CM3FUSU0vSUFueUdIdzF0NGUvWjlDdElwMkRMbjFlWXh4YUdlYWQ2dmhpZEE1RFZnN29oMU5ZOGJLdVpKTEh4aU92Y2c1RXE3YzcwdE5NaTlIT0hDTENJZ3I4MnNSc2FOWmc1ZkZyWWNCVlZ1R0JlSER5NVFyeUJ3WkFpZGQ0aEZsaTBLYTlNSXNyVjJ5RzVQOVo4Zm5QRWNWOFpSSnFzZ0x4djJ6TFhRa2prVVFDS0l2R3pNQkVsNi9odmp5a2hKSTc1eG5vN2lkNWFmUlJFSlFXQ3gwQ3BjWFhtUUc1aWVWWlpSTlNpVm12WlhwWDZFVFAvVjBtT2hSTjBZQ3dDWVRrK3hBSkNLVVIwUEMwcFg4R3VtcTFTQTFPM2UzRlNsTjRNUWxEZHRCNkxReWExTWhIODJuTU0yOG94cGJiQ1RMRjJLTnN2VGx0R0NMWEtyVGxscGlnVDVwc0xTeWdHc2YzUUdONzdmK0JLc1poQTBKdGJjelZaQ3FRcTZwQWpIbnJEV29LWEVLdWU2bG12OFNkcFVtb0hHbjB0cDdMekpQK3AyUVVlNEtZVS9uODBpbUc4aStsWjcrOVVFYk8wZXo3a0VwWG1oQzdqY1BKZDJpMm1VckJOUEtrV2hyUitwczdCUUtpOUNmZFRtVDNJMlN3bmE5bVhLbjk4Wm16SGF1bXMwQmp0N293ZXJzYlJzTGtVZ09ZMzJoZ2ZlYUVSK1NVN2Y1cGVVZ0pkTmdPYXZKK1p0VUZQemlkK3F5Z1pyN29ESCt4VXo0RHBLWE1ldjcrRW10MlRkUWp6VXlETGpRZ2tGWVVodEw4aXFLdkszZk50RXdDWmJFbzFqUllhWjRmRExZdTNuaEFLTXZrc1hONTk3TnpMdW5kQkNsejdNU0IyWlRCSjd4aFZUbnJQRm00Z3NVQmVrQlc4REFuQVdWSE8rYlhGa1B4UVV2UldhTjBaYThWR0c2L2pBL1FobGlFdmlEVTNWc2ExLytZSTgwSi9tdThEd0JlQ3ZOM2V2NmxHQVc0WS8wZWZTTkRsSFQ3YnJESmFlOTFhZG9FeGVKMWVuRyt1ZURVSFNWblBaNzN0eWFLZnZHdkh6S0JObnBJTUc1SEFUS3VWclQrbGlJS2kwd1FCbXdsMGc4NnUxQTRqS1RCYmF2NHN4RnBoem5hOE1rSUtqNEZ4YWV4L2JJOW9hWG1BPT0%3D&vs=1600:1200&ds=1600:1200&sl=60:60&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1 HTTP 302
    https://go.roobetaffiliates.com/visit/?bta=35630&brand=roobet&afp=.ca.01.nonadult&afp1=1993344207&utm_campaign=TRL HTTP 302
    https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content] Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://driversoil.roblogram.com/ HTTP 302
  • http://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09 HTTP 307
  • https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
xr.php
cibago.com/
Redirect Chain
  • https://driversoil.roblogram.com/
  • http://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RO...
  • https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2R...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
c9a6fb95601e65a827d59ef15e2ec4ebf15034b651eb47f3d21fbfbc92101cf1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
2478
content-type
text/html; charset=UTF-8
date
Sun, 13 Oct 2024 09:02:32 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09
Non-Authoritative-Reason
HttpsUpgrades
jscheck.php
cibago.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cibago.com/jscheck.php?enc=IFLMMZ74SLi%2FulgwOtql4349fktYVm01QmtDK243RlRLUk51MGIza0pRVS83eUUzb0lYeEkrMGhCUmNkNkxKbEdzYysxamQ2Z0plRElrMWNod3E4aEtESDM4T2l6YUVNSkdBVEhBcWsxNzNVa0RRekdmQUdUQzMrdWx2SUNRS3FmcnkxcE10dU0xSXNsbzh1SVFSYmpJemVBQ3dyUEFTWm5CM3FUSU0vSUFueUdIdzF0NGUvWjlDdElwMkRMbjFlWXh4YUdlYWQ2dmhpZEE1RFZnN29oMU5ZOGJLdVpKTEh4aU92Y2c1RXE3YzcwdE5NaTlIT0hDTENJZ3I4MnNSc2FOWmc1ZkZyWWNCVlZ1R0JlSER5NVFyeUJ3WkFpZGQ0aEZsaTBLYTlNSXNyVjJ5RzVQOVo4Zm5QRWNWOFpSSnFzZ0x4djJ6TFhRa2prVVFDS0l2R3pNQkVsNi9odmp5a2hKSTc1eG5vN2lkNWFmUlJFSlFXQ3gwQ3BjWFhtUUc1aWVWWlpSTlNpVm12WlhwWDZFVFAvVjBtT2hSTjBZQ3dDWVRrK3hBSkNLVVIwUEMwcFg4R3VtcTFTQTFPM2UzRlNsTjRNUWxEZHRCNkxReWExTWhIODJuTU0yOG94cGJiQ1RMRjJLTnN2VGx0R0NMWEtyVGxscGlnVDVwc0xTeWdHc2YzUUdONzdmK0JLc1poQTBKdGJjelZaQ3FRcTZwQWpIbnJEV29LWEVLdWU2bG12OFNkcFVtb0hHbjB0cDdMekpQK3AyUVVlNEtZVS9uODBpbUc4aStsWjcrOVVFYk8wZXo3a0VwWG1oQzdqY1BKZDJpMm1VckJOUEtrV2hyUitwczdCUUtpOUNmZFRtVDNJMlN3bmE5bVhLbjk4Wm16SGF1bXMwQmp0N293ZXJzYlJzTGtVZ09ZMzJoZ2ZlYUVSK1NVN2Y1cGVVZ0pkTmdPYXZKK1p0VUZQemlkK3F5Z1pyN29ESCt4VXo0RHBLWE1ldjcrRW10MlRkUWp6VXlETGpRZ2tGWVVodEw4aXFLdkszZk50RXdDWmJFbzFqUllhWjRmRExZdTNuaEFLTXZrc1hONTk3TnpMdW5kQkNsejdNU0IyWlRCSjd4aFZUbnJQRm00Z3NVQmVrQlc4REFuQVdWSE8rYlhGa1B4UVV2UldhTjBaYThWR0c2L2pBL1FobGlFdmlEVTNWc2ExLytZSTgwSi9tdThEd0JlQ3ZOM2V2NmxHQVc0WS8wZWZTTkRsSFQ3YnJESmFlOTFhZG9FeGVKMWVuRyt1ZURVSFNWblBaNzN0eWFLZnZHdkh6S0JObnBJTUc1SEFUS3VWclQrbGlJS2kwd1FCbXdsMGc4NnUxQTRqS1RCYmF2NHN4RnBoem5hOE1rSUtqNEZ4YWV4L2JJOW9hWG1BPT0%3D&rand=0.34254026754679656&vs=1600:1200&ds=1600:1200&sl=60:60&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
Requested by
Host: cibago.com
URL: https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09

Response headers

content-length
0
date
Sun, 13 Oct 2024 09:02:33 GMT
content-type
text/html; charset=UTF-8
server
Apache
connection
close
favicon.ico
cibago.com/ 		94 B
170 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cibago.com/favicon.ico
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09

Response headers

content-type
text/html
cache-control
no-cache
Primary Request /
roobet.com/
Redirect Chain
  • https://cibago.com/r.php?u=https%3A%2F%2Fgo.roobetaffiliates.com%2Fvisit%2F%3Fbta%3D35630%26brand%3Droobet%26afp%3D.ca.01.nonadult%26afp1%3D1993344207%26utm_campaign%3DTRL&s=j&enc=IFLMMZ74SLi%2Fulg...
  • https://go.roobetaffiliates.com/visit/?bta=35630&brand=roobet&afp=.ca.01.nonadult&afp1=1993344207&utm_campaign=TRL
  • https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Requested by
Host: cibago.com
URL: https://cibago.com/xr.php?e=tVnOnfQ3TmEpd9k8%2Bf0GQH49fk5LQW9sb0tEamxJbk9OUU1naldEa3Nrak9OTy8ydkJ3RTIzZ21PcWY2c2s5RjB6SWU5bE5jekUyWGZsSFFnZGp4eFpuYkgzdEtQL1ZsZUNHUVZjWkt4WTFZRnZHYzVyMU5UVWhIakdnS2RONUpTQjhZR1czK2lTdGFpTy80Uy9TR0Y0bEhOVWdjTTF2TC9zQUhHM2tmM1lhelJ6UlRITE1MMkVjVzl6aUIvck5QNUdJZmRUdDA3UWRrV09xVXlPRittTGt4WnBZbHRUellSWHkyUTZlWkgycExsYkZIWFYzcDA1WUZjU3dIa1VGS3dIS0JJNlpFT3Q4M0RCM2ROSEh4ZnVVVzlFOUw0Q0VONVNnVGxpdThabDJDTXdMZGhWMC9pcjZTaGp4MUNVUHUvdk9Rcy9RUmlBbDNQOUdYMUEyalVXT1ZWWWI0b1R4amxjUmFGSTJpTjV2eG44YWZoVlBZWUhZOXlwczRuQTF1UzVXTDRZamsrRkVRdEc5S2JYRm1wVFlTajdiMFA5NGFTQXlUMDRXR3NMRURLWkhjT1lZeC9IblN2WDJLZ0pyeVRjaktmaGhaRjJUcUZQWDJ4amxZOXM1NkFCNXpMRHVibVVqcGhCcTJtUmMzN2loNEgvNm5LclA2RzFiTjhzamYyWCtmZnBEMHhzU29xZWJIVmxGMWJBZ05iaTl3R1Vuc2kwbWlnRXVqQ09HdXozN0VVQVc5TXJwdVRwQlQ1UEg3ajB3TzAxOUM4TnBWU0licGVDaytUR3E4dENNcUpwem5lWXVWZS9TVDJKcmVWUDA2L2VtaldWc0ZxNktKWjBhOHRyelR0MHorZTEzRUVpVGszQlUyYm9BTVQ0UzI5OGY1YWVZanIzTUlVUlRXYjRXMjhFZnJ0eEZYQWFlVWE1YXIzTTJGTVl3Vmd0MlQ1Z0JWYVZjSGdpNEwwd044alcwdnFKek9kT2M5QnlFd2FUeGp1OTcxQ05UYi9DdHFvOGMyMHFEWkhGV0pMV3JvL3B4NXQwODJvWkNSeHpCVGVnM20xY1lkSHJsc2xBS2NGbHRvTmRtZk80UzZYSkpsUGxNQ25tZW1UY2xEcVQ0N2laL1kzTUhJdzdZSHZNQmR6Z2RKTS9mNGUreDcwQnNpSy9udUJsYWpHWXdCOUY0b3F2Qy9VTDUvWlRRbUVwN2d2djVOUnhQN3M1MFNtWlFWdU0yWW5OWDNQSm9jQT09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b543e66e3f0add2b50dc5fdd7114847701effcb42fb8bfb9b2e20ab883823fca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cibago.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d1e26d2ef5143bf-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 13 Oct 2024 09:02:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJbYkqFmwwLli70Cm0Yui48xuAzELVHriWPnz3lqGN%2BZQUTtEz5doPAIo4YkdRIkVssNNgFOOq%2FPjcGQPD2g8t%2FoggjMQFnI7sIyitq3pCxX1bv5m4FhystSCh1DwF%2F0A5QYHI4xx3pF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
3
Content-Type
application/octet-stream
Date
Sun, 13 Oct 2024 09:02:35 GMT
Server
rhino-core-shield
X-Cache-Status
MISS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
location
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
pragma
no-cache
referer
https://cibago.com/
surrogate-control
no-store
speculation
roobet.com/cdn-cgi/ 		2 B
166 B 		Other
General
Check archive.org
Download Go to
Full URL
https://roobet.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://roobet.com
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
8d1e26d3af9143bf-EWR
alt-svc
h3=":443"; ma=86400
content-length
2
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/speculationrules+json
vary
Accept-Encoding
server
cloudflare
agent.js
cdn.seondf.com/js/v5/ 		563 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.seondf.com/js/v5/agent.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb76ac4be156a35d9dc786c73728219d9f60bb7670fde30c50e5dc672a2a6a3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
x-amz-version-id
_21zlJQgwR7CoT1deAfaJl1BeD3zVkoQ
etag
W/"fbadce07e23bfd7fd5a5c66b271d798a"
age
3226
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IW%2F34Tr5%2B3DUFRPa2sCtfyL%2FD8JAnDtSgfyT%2FKRWk7ZujS6ihmjMWgpY4ULFtQMavD2PrtpCrSeV1LB%2BVybK0Tuji9b5INUuOE7U60rLQdrfNGrcAbHVaHV8kNX2V4nqwOWlP0GuWhCWGnV%2Bmw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
g3mvvnLwvbuWa1FwLfIwX5ibk9poQ3GrcVEvuSFpUrBluOwewp_W3w==
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 09:46:52 GMT
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
cf-ray
8d1e26d4ab5f440b-EWR
x-amz-cf-pop
EWR53-P1
server
cloudflare
x-amz-server-side-encryption
AES256
cashier.js
static.paymentiq.io/cashier/ 		0
0
product.01a0ba326228134a9ab6.css
roobet.com/ 		94 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://roobet.com/product.01a0ba326228134a9ab6.css
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac0b8881a60f47a4748cc89334624fe6789a23e4ebb3c5ceee4a248cee2a55a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"375902a1e293eda62d6d762e922418c1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJ4mtXbbrRUNGtSBQ%2BNcR9LbIpiMhonyTBv62i2wDOkRz7Cr4bqrOnOakbvnNnhdkE%2Fma%2FzGuhhqpk6%2FpFyHqr1giQL2l9C3R7fLOc5YU%2BMxw0NzFdMgOjXmthDs53hBu0b8co5fJRMB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3af9243bf-EWR
access-control-allow-origin
*
server
cloudflare
Roo.svg
roobet.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roobet.com/images/Roo.svg
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97410e0b07563499116419d1cbb8400a1a6f119afcc1f08288d3d637696e99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"958127c2ab4cfd4d50eeb8e86771c4c1"
age
317382
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaPlL5eF714mBXs9HuWrsfErWegUmfUndQcXgxSK3%2Bq97YZpURBLxcz6ntc6bb4tMSJu3%2BOloVX8LXUT8qszzwMufBw4jOB0IEZtUi4tC%2FzRMoiN75Je2m0dtYFT%2BKtfLMUFQaUGadMs"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
image/svg+xml
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3af9343bf-EWR
access-control-allow-origin
*
server
cloudflare
3c9d33efd96cbd51a301.b.js
roobet.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roobet.com/3c9d33efd96cbd51a301.b.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c8208137ffdc7ecfc745663e4f96fcefdc2562f18ed9a5602e3a43049dc2b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"febf17646720d228fbc407634b82e92a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4yylP3V9vmWjDFgV4IOzModEWSt9xOwA%2FUiiYJ7EGnO5OBL40A%2BhSqkzzZK5%2B2oBoSszMaeHsCA0mkmTiTX00LsrfacdbX7cOCBTNs5bLz0k9C6AxfsCNdIQIYAP8Ao%2BVyfIITQc73d"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3ef9f43bf-EWR
access-control-allow-origin
*
server
cloudflare
46aeb8aa63aaa410d3f3.b.js
roobet.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roobet.com/46aeb8aa63aaa410d3f3.b.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2695dc7cf3dd93cdbaaafad51c5fe741caf221c17525ed0b08e11cfa0b2fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"22daa381ef4c68db4c43521af5e0552c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECOtqz21PSYi9A6iBzoYNrIeIeJmXGoo1bwbTJshaZX%2FPhFf2CiZQCPpRXjWwUC4G77YSZmA1Vqk1mybchrYRfAbumSslwi8YJySPWsW4rKCHCqnQMEx0%2FxcJEq9%2F%2BXvY2UcCvCHRunD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3efa143bf-EWR
access-control-allow-origin
*
server
cloudflare
8fa77718867e9b8c1d57.b.js
roobet.com/ 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roobet.com/8fa77718867e9b8c1d57.b.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"57189984795441a874e7a6965a8ba717"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unlum32plymv%2FMWxWjmpP1GzMsn09Tmf8LB6RxscqmXw7s3TiTz%2F7VryTBM5rkWvIm2%2FRRRPBk8q717TPrxhA97oxlV0Cb%2FY0GxfMR1X1z3ZCuWprAHsvEl54YVbG12IA3MXskY4VZMJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3efa243bf-EWR
access-control-allow-origin
*
server
cloudflare
76e845b5c7036ae916e2.b.js
roobet.com/ 		164 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://roobet.com/76e845b5c7036ae916e2.b.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1694f0522be25c9322f35fd6dde822b44450b1646dfd157e519af8bd49b6dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"11e87b0e727f1199253762e680394e39"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyjQ52PT3KWDt6g6QBsj2f6B1tuHvMVUxML2AwEW2YZqBhaQH6JFDJMIGWvUF7gd33yD0K08ZMcHd2YXCUYT73SlYdFZznoNPWwjwoPzluAzKAEhXJzw4ucKSBHNTR2XgMlzETEjSaiu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3efa443bf-EWR
access-control-allow-origin
*
server
cloudflare
2e2e7c3da7c14dd4951f.b.js
roobet.com/ 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roobet.com/2e2e7c3da7c14dd4951f.b.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"c737069bef38fd1b135eaf51e2da28c2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5HIMsLjaH2jIKvb7wRynSQKm9k7WQuW5Lo%2Bdc%2FjSGdLW9elXJLKImgJd5P8ADy19hKgZ0b%2FK2yh%2FSkbomhNhg23qsnjKMyoC3N4yynPxWrLY09yAeKSlfGjvElioycFhi3ApXI6u80b"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 13 Oct 2025 09:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1e26d3efa543bf-EWR
access-control-allow-origin
*
server
cloudflare
beacon.min.js
static.cloudflareinsights.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d1e26d4dbdfc33b-EWR
access-control-allow-origin
*
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://roobet.com
Referer
https://roobet.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d1e26d4eafa433f-EWR
access-control-allow-origin
*
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
xcm-seal.js
b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b6fbd907-6224-495b-891d-cd23b3e29488.seals-xcm.certria.com/xcm-seal.js
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:9a00:b:ba05:1580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c60d1dc17307cf0d93b65ee0dac240f6d076ab43db29b53e8c5db0df1f1624ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=300
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"beb-bJx00HfSEEFh/Fd3/JEAD/xMyNQ"
age
196
via
1.1 98bc8180e0431e8f05afc9802305f1d2.cloudfront.net (CloudFront)
cf-ray
8d1e220b1de68232-IAD
x-cache
Hit from cloudfront
x-amz-cf-id
Ut8Ydh4bA4GBswyevRqYGDhGT7jcHMn2wbpO32mYL3WvhqiLEsyqCQ==
date
Sun, 13 Oct 2024 08:59:20 GMT
content-type
text/javascript; charset=utf-8
x-powered-by
Express
server
cloudflare
x-amz-cf-pop
JFK50-P5
gtm.js
www.googletagmanager.com/ 		322 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-563FCQS
Requested by
Host: roobet.com
URL: https://roobet.com/?affid=35630&cxd=35630_657141_|afp0:.ca.01.nonadult|afp1:1993344207|afp10:TRL&utm_medium=[utm_medium]&utm_campaign=TRL&utm_content=[utm_content]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
744b4a4683ef59ad0b91b6a2d04c783e7fe8555029026a47e171f0a4fe12600f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://roobet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 13 Oct 2024 09:02:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 09:02:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109064
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
up_loader.1.1.0.js
js.adsrvr.org/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.paymentiq.io
URL
https://static.paymentiq.io/cashier/cashier.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-00JS1BZ93P&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-W62ERM8Q5Q&l=dataLayer&cx=c
Domain
js.adsrvr.org
URL
https://js.adsrvr.org/up_loader.1.1.0.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| webpackChunkroobet_fe object| google_tag_manager object| google_tag_data function| elementLoaded number| searchTimer object| regIntent function| a0_0x3287 function| a0_0x1b74 object| webpackChunkseon_javascript_sdk object| seon

4 Cookies

Domain/Path Name / Value
driversoil.roblogram.com/ Name: __tad
Value: 1728810151.7317161
.cibago.com/ Name: __dsnsid
Value: 20241013200231e1af34e5826ac9da51
go.roobetaffiliates.com/ Name: roobet-v
Value: 657141
.roobet.com/ Name: _gcl_au
Value: 1.1.1995954579.1728810156

1 Console Messages

Source Level URL
Text
network error URL: https://cibago.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)